Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-44487 (GCVE-0-2023-44487)
Vulnerability from cvelistv5 – Published: 2023-10-10 00:00 – Updated: 2026-05-12 10:52Summary
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Severity
7.5 (High)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
173 references
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| ietf | http |
Affected:
2.0
cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:* |
|
| Siemens | RUGGEDCOM APE1808 |
Affected:
0 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SINEC NMS |
Affected:
0 , < V3.0
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
CISA
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 6386c9c4-033b-4ac4-b69d-cdc0288bae9a
Exploited: Yes
Timestamps
First Seen: 2023-10-10
Asserted: 2023-10-10
Scope
Notes: KEV entry: HTTP/2 Rapid Reset Attack Vulnerability | Affected: IETF / HTTP/2 | Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). | Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2023-10-31 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): This vulnerability affects a common open-source component, third-party library, or protocol used by different products. For more information, please see: HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487 | CISA: https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487; https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/; https://nvd.nist.gov/vuln/detail/CVE-2023-44487
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-400 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | HTTP/2 |
| Due Date | 2023-10-31 |
| Date Added | 2023-10-10 |
| Vendorproject | IETF |
| Vulnerabilityname | HTTP/2 Rapid Reset Attack Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Created: 2026-02-02 13:24 UTC
| Updated: 2026-02-06 07:53 UTC
KEVIntel
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: fae08f6d-923d-44ec-9dcd-b7aef9e8e475
Exploited: Yes
Timestamps
First Seen: 2023-10-10
Asserted: 2023-10-10
Scope
Notes: KEVIntel entry: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as... | Affected: Google / Cloud Platform | CVSS: 7.5 (HIGH) | EPSS: 0.99999 | Used in malware: unknown | Not yet in CISA KEV: False
Evidence
Type: Public Report
Signal: Successful Exploitation
Confidence: 70%
Source: kevintel
Details
| Feed | KEVIntel (kevintel.com) |
|---|---|
| Title | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as... |
| Vendor | |
| Product | Cloud Platform |
| Added Date | 2023-10-10T00:00:00.000Z |
| Cvss Score | 7.5 |
| Epss Score | 0.99999 |
| Cvss Severity | HIGH |
| Epss Percentile | 0.99996 |
| Used In Malware | unknown |
| Ahead Of Cisa Kev | None |
| Not Yet In Cisa Kev | False |
References
Created: 2026-06-23 11:14 UTC
| Updated: 2026-06-23 11:14 UTC
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "http",
"vendor": "ietf",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-44487",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T20:34:21.334116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:35.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00.000Z",
"value": "CVE-2023-44487 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:08:27.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"tags": [
"x_transferred"
],
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"tags": [
"x_transferred"
],
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"tags": [
"x_transferred"
],
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/golang/go/issues/63417"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"tags": [
"x_transferred"
],
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"tags": [
"x_transferred"
],
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"tags": [
"x_transferred"
],
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/line/armeria/pull/5232"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/13/6"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM APE1808",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T10:52:23.784Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-832273.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-341067.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-915275.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-07T20:05:34.376Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"name": "[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/7"
},
{
"name": "[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"url": "https://github.com/golang/go/issues/63417"
},
{
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"url": "https://github.com/line/armeria/pull/5232"
},
{
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://github.com/grpc/grpc/releases/tag/v1.59.2"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-44487",
"datePublished": "2023-10-10T00:00:00.000Z",
"dateReserved": "2023-09-29T00:00:00.000Z",
"dateUpdated": "2026-05-12T10:52:23.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2023-44487",
"cwes": "[\"CWE-400\"]",
"dateAdded": "2023-10-10",
"dueDate": "2023-10-31",
"knownRansomwareCampaignUse": "Unknown",
"notes": "This vulnerability affects a common open-source component, third-party library, or protocol used by different products. For more information, please see: HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487 | CISA: https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487; https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/; https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"product": "HTTP/2",
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).",
"vendorProject": "IETF",
"vulnerabilityName": "HTTP/2 Rapid Reset Attack Vulnerability"
},
"epss": {
"cve": "CVE-2023-44487",
"date": "2026-06-29",
"epss": "0.99999",
"percentile": "0.99996"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-44487\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-10-10T14:15:10.883\",\"lastModified\":\"2026-06-17T06:27:44.067\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\"},{\"lang\":\"es\",\"value\":\"El protocolo HTTP/2 permite una denegaci\u00f3n de servicio (consumo de recursos del servidor) porque la cancelaci\u00f3n de solicitudes puede restablecer muchas transmisiones r\u00e1pidamente, como se explot\u00f3 en la naturaleza entre agosto y octubre de 2023.\"}],\"affected\":[{\"source\":\"cve@mitre.org\",\"affectedData\":[{\"vendor\":\"n/a\",\"product\":\"n/a\",\"versions\":[{\"version\":\"n/a\",\"status\":\"affected\"}]}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"affectedData\":[{\"vendor\":\"ietf\",\"product\":\"http\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*\"],\"versions\":[{\"version\":\"2.0\",\"status\":\"affected\"}]}]},{\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"affectedData\":[{\"vendor\":\"Siemens\",\"product\":\"RUGGEDCOM APE1808\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINEC NMS\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.0\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-07-23T20:34:21.334116Z\",\"id\":\"CVE-2023-44487\",\"options\":[{\"exploitation\":\"active\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"cisaExploitAdd\":\"2023-10-10\",\"cisaActionDue\":\"2023-10-31\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"HTTP/2 Rapid Reset Attack Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"2A7548B8-3DF7-46D9-8A4F-87C38969D900\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4_pn\\\\/dp_mfp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B1EE93D-BAD2-4B86-910C-8784FCC9F398\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0\",\"matchCriteriaId\":\"C89891C1-DFD7-4E1F-80A9-7485D86A15B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4664B195-AF14-4834-82B3-0B2C98020EB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"75BC588E-CDF0-404E-AD61-02093A1DF343\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A334F7B4-7283-4453-BAED-D2E01B7F8A6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6BEA71C-CA81-4B5D-A688-2B21E62DC351\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B405F22-5517-49F5-A7CA-1E50D58DFC75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"AE06B8AF-B36C-4743-A056-30712163F75B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:st7_scadaconnect:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.1\",\"matchCriteriaId\":\"BCBD17AE-C1AE-4ECF-A991-0FFBDD06D687\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_ape1808_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37FDCA69-9049-40B4-88AF-F476901022B6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_ape1808:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B89A6863-B602-4404-8D26-337FECABFFF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"99E36624-A573-47D9-B158-B18A8A822FBA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\\\/dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40F38253-92F5-4A3A-AA07-292F7542D8A6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_s7-1500_cpu_1518-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"19F1C257-0EE6-47DE-B4BE-169F801FFDD8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_s7-1500_cpu_1518-4_pn\\\\/dp_mfp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2F63E0A-126D-4A93-8159-45EB5E606F81\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5200E35-222B-42E0-83E0-5B702684D992\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.57.0\",\"matchCriteriaId\":\"C3BDC297-F023-4E87-8518-B84CCF9DD6A8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.100\",\"matchCriteriaId\":\"D12D5257-7ED2-400F-9EF7-40E0D3650C2B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B058776-B5B7-4079-B0AF-23F40926DCEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D565975-EFD9-467C-B6E3-1866A4EF17A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D487271-1B5E-4F16-B0CB-A7B8908935C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA6ED627-EFB3-4BDD-8ECC-C5947A1470B2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.4.53\",\"matchCriteriaId\":\"A4A6F189-6C43-462D-85C9-B0EBDA8A4683\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.17\",\"matchCriteriaId\":\"C993C920-85C0-4181-A95E-5D965A670738\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.0.17\",\"matchCriteriaId\":\"08E79A8E-E12C-498F-AF4F-1AAA7135661E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndExcluding\":\"12.0.2\",\"matchCriteriaId\":\"F138D800-9A3B-4C76-8A3C-4793083A1517\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.5\",\"matchCriteriaId\":\"6341DDDA-AD27-4087-9D59-0A212F0037B4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.20.10\",\"matchCriteriaId\":\"328120E4-C031-44B4-9BE5-03B0CDAA066F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.21.0\",\"versionEndExcluding\":\"1.21.3\",\"matchCriteriaId\":\"5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"D7D2F801-6F65-4705-BCB9-D057EA54A707\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"801F25DA-F38C-4452-8E90-235A3B1A5FF0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"D93F04AD-DF14-48AB-9F13-8B2E491CF42E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7522C760-7E07-406F-BF50-5656D5723C4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"3A7F605E-EB10-40FB-98D6-7E3A95E310BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"783E62F2-F867-48F1-B123-D1227C970674\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A8D90B7-A1AF-4EFB-B688-1563D81E5C6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"6603ED6A-3366-4572-AFCD-B3D4B1EC7606\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"88978E38-81D3-4EFE-8525-A300B101FA69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"0510296F-92D7-4388-AE3A-0D9799C2FC4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D7698D6C-B1F7-43C1-BBA6-88E956356B3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A1CC91B-6920-4AF0-9EDD-DD3189E78F4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"05E452AA-A520-4CBE-8767-147772B69194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"596FC5D5-7329-4E39-841E-CAE937C02219\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"B3C7A168-F370-441E-8790-73014BCEC39F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"CF16FD01-7704-40AB-ACB2-80A883804D22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1769D69A-CB59-46B1-89B3-FB97DC6DEB9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"9167FEC1-2C37-4946-9657-B4E69301FB24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7B4B3442-E0C0-48CD-87AD-060E15C9801E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"8FA85EC1-D91A-49DD-949B-2AF7AC813CA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"20662BB0-4C3D-4CF0-B068-3555C65DD06C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59203EBF-C52A-45A1-B8DF-00E17E3EFB51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"7EC2324D-EC8B-41DF-88A7-819E53AAD0FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"9B88F9D1-B54B-40C7-A18A-26C4A071D7EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"C8F39403-C259-4D6F-9E9A-53671017EEDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"220F2D38-FA82-45EF-B957-7678C9FEDBC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C698C1C-A3DD-46E2-B05A-12F2604E7F85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"922AA845-530A-4B4B-9976-4CBC30C8A324\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"F938EB43-8373-47EB-B269-C6DF058A9244\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"1771493E-ACAA-477F-8AB4-25DB12F6AD6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"5E86F3D5-65A4-48CE-A6A2-736BBB88E3F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87670A74-34FE-45DF-A725-25B804C845B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"C7E422F6-C4C2-43AC-B137-0997B5739030\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"CC3F710F-DBCB-4976-9719-CF063DA22377\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"4B9B76A1-7C5A-453F-A4ED-F1A81BCEBEB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"88EDFCD9-775C-48FA-9CDA-2B04DA8D0612\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67DB21AE-DF53-442D-B492-C4ED9A20B105\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"4C9FCBCB-9CE0-49E7-85C8-69E71D211912\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"112DFA85-90AD-478D-BD70-8C7C0C074F1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"DB704A1C-D8B7-48BB-A15A-C14DB591FE4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"21D51D9F-2840-4DEA-A007-D20111A1745C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BC1D037-74D2-4F92-89AD-C90F6CBF440B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"CAEF3EA4-7D5A-4B44-9CE3-258AEC745866\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"2FBCE2D1-9D93-415D-AB2C-2060307C305A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"8070B469-8CC4-4D2F-97D7-12D0ABB963C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"A326597E-725D-45DE-BEF7-2ED92137B253\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B235A78-649B-46C5-B24B-AB485A884654\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"08B25AAB-A98C-4F89-9131-29E3A8C0ED23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"ED9B976A-D3AD-4445-BF8A-067C3EBDFBB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"98D2CE1E-DED0-470A-AA78-C78EF769C38E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"C966FABA-7199-4F0D-AB8C-4590FE9D2FFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84D00768-E71B-4FF7-A7BF-F2C8CFBC900D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"E3D2ABA3-D4A9-4267-B0DF-7C3BBEEAEB66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"BC36311E-BB00-4750-85C8-51F5A2604F07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"A65D357E-4B40-42EC-9AAA-2B6CEF78C401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D7EF9865-FE65-4DFB-BF21-62FBCE65FF1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABBD10E8-6054-408F-9687-B9BF6375CA09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"E6018B01-048C-43BB-A78D-66910ED60CA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"3A6A5686-5A8B-45D5-9165-BC99D2CCAC47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"5D2A121F-5BD2-4263-8ED3-1DDE25B5C306\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"0A4F7BAD-3EDD-4DE0-AAB7-DE5ACA34DD79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83794B04-87E2-4CA9-81F5-BB820D0F5395\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"D9EC2237-117F-43BD-ADEC-516CF72E04EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"F70D4B6F-65CF-48F4-9A07-072DFBCE53D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"29563719-1AF2-4BB8-8CCA-A0869F87795D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D24815DD-579A-46D1-B9F2-3BB2C56BC54D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A6E7035-3299-474F-8F67-945EA9A059D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"0360F76D-E75E-4B05-A294-B47012323ED9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7A4607BF-41AC-4E84-A110-74E085FF0445\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"441CC945-7CA3-49C0-AE10-94725301E31D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"46BA8E8A-6ED5-4FB2-8BBC-586AA031085A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56FB92F7-FF1E-425D-A5AB-9D9FB0BB9450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"969C4F14-F6D6-46D6-B348-FC1463877680\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.5.0\",\"versionEndIncluding\":\"1.8.2\",\"matchCriteriaId\":\"41AD5040-1250-45F5-AB63-63F333D49BCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"8257AA59-C14D-4EC1-B22C-DFBB92CBC297\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"37DB32BB-F4BA-4FB5-94B1-55C3F06749CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"FFF5007E-761C-4697-8D34-C064DF0ABE8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"910441D3-90EF-4375-B007-D51120A60AB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"667EB77B-DA13-4BA4-9371-EE3F3A109F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"8A6F9699-A485-4614-8F38-5A556D31617E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"5A90F547-97A2-41EC-9FDF-25F869F0FA38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"E76E1B82-F1DC-4366-B388-DBDF16C586A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"660137F4-15A1-42D1-BBAC-99A1D5BB398B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C446827A-1F71-4FAD-9422-580642D26AD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"1932D32D-0E4B-4BBD-816F-6D47AB2E2F04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"D47B7691-A95B-45C0-BAB4-27E047F3C379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"2CD1637D-0E42-4928-867A-BA0FDB6E8462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"3A599F90-F66B-4DF0-AD7D-D234F328BD59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D1B2000-C3FE-4B4C-885A-A5076EB164E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"5326759A-AFB0-4A15-B4E9-3C9A2E5DB32A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"57D92D05-C67D-437E-88F3-DCC3F6B0ED2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"ECCB8C30-861E-4E48-A5F5-30EE523C1FB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"F5FEAD2A-3A58-432E-BEBB-6E3FDE24395F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AB23AE6-245E-43D6-B832-933F8259F937\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.9.5\",\"versionEndIncluding\":\"1.25.2\",\"matchCriteriaId\":\"1188B4A9-2684-413C-83D1-E91C75AE0FCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndIncluding\":\"2.4.2\",\"matchCriteriaId\":\"3337609D-5291-4A52-BC6A-6A8D4E60EB20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndIncluding\":\"3.3.0\",\"matchCriteriaId\":\"6CF0ABD9-EB28-4966-8C31-EED7AFBF1527\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"r25\",\"versionEndExcluding\":\"r29\",\"matchCriteriaId\":\"F291CB34-47A4-425A-A200-087CC295AEC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5892B558-EC3A-43FF-A1D5-B2D9F70796F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"96BF2B19-52C7-4051-BA58-CAE6F912B72F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.5.0\",\"versionEndIncluding\":\"8.5.93\",\"matchCriteriaId\":\"ABD26B48-CC80-4FAE-BD3D-78DE4C80C92B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndIncluding\":\"9.0.80\",\"matchCriteriaId\":\"F3EC20B6-B2AB-41F5-9BF9-D16C1FE67C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndIncluding\":\"10.1.13\",\"matchCriteriaId\":\"0765CC3D-AB1A-4147-8900-EF4C105321F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1AA7FF6-E8E7-4BF6-983E-0A99B0183008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*\",\"matchCriteriaId\":\"57088BDD-A136-45EF-A8A1-2EBF79CEC2CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*\",\"matchCriteriaId\":\"B32D1D7A-A04F-444E-8F45-BB9A9E4B0199\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AAD52CE-94F5-4F98-A027-9A7E68818CB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*\",\"matchCriteriaId\":\"03A171AF-2EC8-4422-912C-547CDB58CAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*\",\"matchCriteriaId\":\"538E68C4-0BA4-495F-AEF8-4EF6EE7963CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*\",\"matchCriteriaId\":\"49350A6E-5E1D-45B2-A874-3B8601B3ADCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F50942F-DF54-46C0-8371-9A476DD3EEA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*\",\"matchCriteriaId\":\"D12C2C95-B79F-4AA4-8CE3-99A3EE7991AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*\",\"matchCriteriaId\":\"98792138-DD56-42DF-9612-3BDC65EEC117\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:swiftnio_http\\\\/2:*:*:*:*:*:swift:*:*\",\"versionEndExcluding\":\"1.28.0\",\"matchCriteriaId\":\"08190072-3880-4EF5-B642-BA053090D95B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"1.56.3\",\"matchCriteriaId\":\"5F4CDEA9-CB47-4881-B096-DA896E2364F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*\",\"versionEndIncluding\":\"1.59.2\",\"matchCriteriaId\":\"E65AF7BC-7DAE-408A-8485-FBED22815F75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*\",\"versionStartIncluding\":\"1.58.0\",\"versionEndExcluding\":\"1.58.3\",\"matchCriteriaId\":\"DD868DDF-C889-4F36-B5E6-68B6D9EA48CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*\",\"matchCriteriaId\":\"FBD991E2-DB5A-4AAD-95BA-4B5ACB811C96\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.23\",\"matchCriteriaId\":\"4496821E-BD55-4F31-AD9C-A3D66CBBD6BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.12\",\"matchCriteriaId\":\"8DF7ECF6-178D-433C-AA21-BAE9EF248F37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.23\",\"matchCriteriaId\":\"1C3418F4-B8BF-4666-BB39-C188AB01F45C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.12\",\"matchCriteriaId\":\"1278DD1C-EFA9-4316-AD32-24C1B1FB0CEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-08\",\"matchCriteriaId\":\"3BDFB0FF-0F4A-4B7B-94E8-ED72A8106314\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.0\",\"versionEndExcluding\":\"17.2.20\",\"matchCriteriaId\":\"16A8F269-E07E-402F-BFD5-60F3988A5EAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.4\",\"versionEndExcluding\":\"17.4.12\",\"matchCriteriaId\":\"C4B2B972-69E2-4D21-9A7C-B2AFF1D89EB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.6\",\"versionEndExcluding\":\"17.6.8\",\"matchCriteriaId\":\"DA5834D4-F52F-41C0-AA11-C974FFEEA063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndExcluding\":\"17.7.5\",\"matchCriteriaId\":\"2166106F-ACD6-4C7B-B0CC-977B83CC5F73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.14393.6351\",\"matchCriteriaId\":\"4CD49C41-6D90-47D3-AB4F-4A74169D3A8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.14393.6351\",\"matchCriteriaId\":\"BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.17763.4974\",\"matchCriteriaId\":\"E500D59C-6597-45E9-A57B-BE26C0C231D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19044.3570\",\"matchCriteriaId\":\"C9F9A643-90C6-489C-98A0-D2739CE72F86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19045.3570\",\"matchCriteriaId\":\"1814619C-ED07-49E0-A50A-E28D824D43BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22000.2538\",\"matchCriteriaId\":\"100A27D3-87B0-4E72-83F6-7605E3F35E63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22621.2428\",\"matchCriteriaId\":\"C6A36795-0238-45C9-ABE6-3DCCF751915B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB79EE26-FC32-417D-A49C-A1A63165A968\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"821614DD-37DD-44E2-A8A4-FE8D23A33C3C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.0.0\",\"versionEndExcluding\":\"18.18.2\",\"matchCriteriaId\":\"94BAB9EB-1527-4D9A-BADE-0708579536CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.0.0\",\"versionEndExcluding\":\"20.8.1\",\"matchCriteriaId\":\"69843DE4-4721-4F0A-A9B7-0F6DF5AAA388\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-11\",\"matchCriteriaId\":\"B25279EF-C406-4133-99ED-0492703E0A4E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-10\",\"matchCriteriaId\":\"9FFFF84B-F35C-43DE-959A-A5D10C3AE9F5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023.10.16.00\",\"matchCriteriaId\":\"9DCE8C89-7C22-48CA-AF22-B34C8AA2CB8C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.6.1\",\"matchCriteriaId\":\"EDEB508E-0EBD-4450-9074-983DDF568AB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndExcluding\":\"8.1.9\",\"matchCriteriaId\":\"93A1A748-6C71-4191-8A16-A93E94E2CDE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.2.3\",\"matchCriteriaId\":\"4E4BCAF6-B246-41EC-9EE1-24296BFC4F5A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.5.0\",\"matchCriteriaId\":\"6F70360D-6214-46BA-AF82-6AB01E13E4E9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2.2\",\"matchCriteriaId\":\"E2DA759E-1AF8-49D3-A3FC-1B426C13CA82\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.17.6\",\"matchCriteriaId\":\"28BE6F7B-AE66-4C8A-AAFA-F1262671E9BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.18.0\",\"versionEndExcluding\":\"1.18.3\",\"matchCriteriaId\":\"F0C8E760-C8D2-483A-BBD4-6A6D292A3874\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.19.0\",\"versionEndExcluding\":\"1.19.1\",\"matchCriteriaId\":\"5D0F78BB-6A05-4C97-A8DB-E731B6CC8CC7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-10\",\"matchCriteriaId\":\"050AE218-3871-44D6-94DA-12D84C2093CB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.10.5\",\"matchCriteriaId\":\"B36BFFB0-C0EC-4926-A1DB-0B711C846A68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"376EAF9B-E994-4268-9704-0A45EA30270F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D08335-C291-4623-B80C-3B14C4D1FA32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"21033CEE-CEF5-4B0D-A565-4A6FC764AA6D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*\",\"versionEndExcluding\":\"2023-10-11\",\"matchCriteriaId\":\"FC4C66B1-42C0-495D-AE63-2889DE0BED84\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:*\",\"versionStartIncluding\":\"2.12.0\",\"versionEndIncluding\":\"2.12.5\",\"matchCriteriaId\":\"8633E263-F066-4DD8-A734-90207207A873\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"34A23BD9-A0F4-4D85-8011-EAC93C29B4E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"27ED3533-A795-422F-B923-68BE071DC00D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"45F7E352-3208-4188-A5B1-906E00DF9896\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"DF89A8AD-66FE-439A-B732-CAAB304D765B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.26.0\",\"matchCriteriaId\":\"A400C637-AF18-4BEE-B57C-145261B65DEC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"653A5B08-0D02-4362-A8B1-D00B24C6C6F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0E6B4B-BAA6-474E-A18C-72C9719CEC1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0FD736A-8730-446A-BA3A-7B608DB62B0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4C504B6-3902-46E2-82B7-48AEC9CDD48D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B4BE2D6-43C3-4065-A213-5DB1325DC78F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D54F5AE-61EC-4434-9D5F-9394A3979894\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE29B9D6-63DC-4779-ACE8-4E51E6A0AF37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E37E1B3-6F68-4502-85D6-68333643BDFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D5A7736-A403-4617-8790-18E46CB74DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F13B03-69BF-4A8B-A0A0-7F47FD857461\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9393119E-F018-463F-9548-60436F104195\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC45EE1E-2365-42D4-9D55-92FA24E5ED3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E567CD9F-5A43-4D25-B911-B5D0440698F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68146098-58F8-417E-B165-5182527117C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB4D6790-63E5-4043-B8BE-B489D649061D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78698F40-0777-4990-822D-02E1B5D0E2C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B87C8AD3-8878-4546-86C2-BF411876648C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF03BDE8-602D-4DEE-BA5B-5B20FDF47741\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A58966CB-36AF-4E64-AB39-BE3A0753E155\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"585BC540-073B-425B-B664-5EA4C00AFED6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B453CF7-9AA6-4B94-A003-BF7AE0B82F53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD354E32-A8B0-484C-B4C6-9FBCD3430D2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72A54BDA-311C-413B-8E4D-388AD65A170A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A305F012-544E-4245-9D69-1C8CD37748B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40CCE4F-EA2C-453D-BB76-6388767E5C6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF93A27E-AA2B-4C2E-9B8D-FE7267847326\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B12A3A8-6456-481A-A0C9-524543FCC149\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C2E7E3C-A507-4AB2-97E5-4944D8775CF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E22EBF9-AA0D-4712-9D69-DD97679CE835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"941B114C-FBD7-42FF-B1D8-4EA30E99102C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"339CFB34-A795-49F9-BF6D-A00F3A1A4F63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D044DBE-6F5A-4C53-828E-7B1A570CACFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E23FA47F-B967-44AD-AB76-1BB2CAD3CA5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*\",\"matchCriteriaId\":\"65203CA1-5225-4E55-A187-6454C091F532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BF8EFFB-5686-4F28-A68F-1A8854E098CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932D137F-528B-4526-9A89-CD59FA1AB0FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DA9B2E2-958B-478D-87D6-E5CDDCD44315\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3F5FF1E-5DA3-4EC3-B41A-A362BDFC4C69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97321212-0E07-4CC2-A917-7B5F61AB9A5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF390236-3259-4C8F-891C-62ACC4386CD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0AAA300-691A-4957-8B69-F6888CC971B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45937289-2D64-47CB-A750-5B4F0D4664A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B129311C-EB4B-4041-B85C-44D5E53FCAA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1AB54DB-3FB4-41CB-88ED-1400FD22AB85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77675CB7-67D7-44E9-B7FF-D224B3341AA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A76A2BCE-4AAE-46D7-93D6-2EDE0FC83145\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C877879-B84B-471C-80CF-0656521CA8AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCC81071-B46D-4F5D-AC25-B4A4CCC20C73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E315FC5C-FF19-43C9-A58A-CF2A5FF13824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20A6B40D-F991-4712-8E30-5FE008505CB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1987BDA-0113-4603-B9BE-76647EB043F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D482A3D2-6E9B-42BA-9926-35E5BDD5F3BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"848C92A9-0677-442B-8D52-A448F2019903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F564701-EDC1-43CF-BB9F-287D6992C6CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12B0CF2B-D1E1-4E20-846E-6F0D873499A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8885C2C-7FB8-40CA-BCB9-B48C50BF2499\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D88B140-D2A1-4A0A-A2E9-1A3B50C295AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A903C3AD-2D25-45B5-BF4A-A5BEB2286627\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5EBD2A-32A3-46D5-B155-B44DCB7F6902\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.5.3\",\"matchCriteriaId\":\"C2792650-851F-4820-B003-06A4BEA092D7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*\",\"versionEndExcluding\":\"3.4.2\",\"matchCriteriaId\":\"9F6B63B9-F4C9-4A3F-9310-E0918E1070D1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*\",\"versionEndIncluding\":\"2.414.2\",\"matchCriteriaId\":\"E6FF5F80-A991-43D4-B49F-D843E2BC5798\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*\",\"versionEndIncluding\":\"2.427\",\"matchCriteriaId\":\"54D25DA9-12D0-4F14-83E6-C69D0293AAB9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.4.0\",\"matchCriteriaId\":\"8E1AFFB9-C717-4727-B0C9-5A0C281710E2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.21.4.3\",\"matchCriteriaId\":\"25C85001-E0AB-4B01-8EE7-1D9C77CD956E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.2.003.009\",\"matchCriteriaId\":\"FB2BDBAC-8D19-4F81-8D31-6D0955A53D82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.1\",\"matchCriteriaId\":\"F98F9D27-6659-413F-8F29-4FDB0882AAC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.3\",\"matchCriteriaId\":\"C98BF315-C563-47C2-BAD1-63347A3D1008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"5.0.2\",\"matchCriteriaId\":\"3F30E209-FA52-4D3B-9B88-4193EA388554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_situation_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3178F3A5-A072-44E1-A225-B04BC536F4FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.0\",\"matchCriteriaId\":\"AA2BE0F1-DD16-4876-8EBA-F187BD38B159\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"796B6C58-2140-4105-A2A1-69865A194A75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEA99DC6-EA03-469F-A8BE-7F96FDF0B333\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"x14.3.3\",\"matchCriteriaId\":\"6560DBF4-AFE6-4672-95DE-74A0B8F4170A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.4.2\",\"matchCriteriaId\":\"84785919-796D-41E5-B652-6B5765C81D4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.11.0\",\"matchCriteriaId\":\"92A74A1A-C69F-41E6-86D0-D6BB1C5D0A1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.3.3\",\"matchCriteriaId\":\"6FE7BA33-2AC0-4A85-97AD-6D77F20BA2AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.2.1\",\"matchCriteriaId\":\"4FE2F959-1084-48D1-B1F1-8182FC9862DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.10.4\",\"matchCriteriaId\":\"5CC17E6B-D7AB-40D7-AEC5-F5B555AC4D7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.2\",\"matchCriteriaId\":\"1BB6B48E-EA36-40A0-96D0-AF909BEC1147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.2.0\",\"matchCriteriaId\":\"2CBED844-7F94-498C-836D-8593381A9657\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.19.2\",\"matchCriteriaId\":\"C170DBA1-0899-4ECC-9A0D-8FEB1DA1B510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"x14.3.3\",\"matchCriteriaId\":\"358FA1DC-63D3-49F6-AC07-9E277DD0D9DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.01.0\",\"matchCriteriaId\":\"BFF2D182-7599-4B81-B56B-F44EDA1384C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4868BCCA-24DE-4F24-A8AF-B3A545C0396E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.02.0\",\"matchCriteriaId\":\"194F7A1F-FD43-4FF7-9AE2-C13AA5567E8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.02.0\",\"matchCriteriaId\":\"BEC75F99-C7F0-47EB-9032-C9D3A42EBA20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6638F4E-16F7-447D-B755-52640BCB1C61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC34F742-530E-4AB4-8AFC-D1E088E256B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D31CC0E9-8E21-436B-AB84-EA1B1BC60DCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.6.2\",\"matchCriteriaId\":\"E22AD683-345B-4E16-BB9E-E9B1783E09AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5C0D694-9E24-4782-B35F-D7C3E3B0F2ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:fog_director:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.22\",\"matchCriteriaId\":\"2955BEE9-F567-4006-B96D-92E10FF84DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"17.15.1\",\"matchCriteriaId\":\"67502878-DB20-4410-ABA0-A1C5705064CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.11.2\",\"matchCriteriaId\":\"177DED2D-8089-4494-BDD9-7F84FC06CD5B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.1.0\",\"matchCriteriaId\":\"54A29FD3-4128-4333-8445-A7DD04A6ECF6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67074526-9933-46B3-9FE3-A0BE73C5E8A7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2\\\\(7\\\\)\",\"matchCriteriaId\":\"EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3\\\\(1\\\\)\",\"versionEndExcluding\":\"10.3\\\\(5\\\\)\",\"matchCriteriaId\":\"0A236A0A-6956-4D79-B8E5-B2D0C79FAE88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4\\\\(1\\\\)\",\"versionEndExcluding\":\"10.4\\\\(2\\\\)\",\"matchCriteriaId\":\"BE71D34C-227A-4789-BA4D-79E5FDE311DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"528ED62B-D739-4E06-AC64-B506FD73BBAB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC2A6C31-438A-4CF5-A3F3-364B1672EB7D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76C10D85-88AC-4A79-8866-BED88A0F8DF8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09AC2BAD-F536-48D0-A2F0-D4E290519EB6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F4E8EE4-031D-47D3-A12E-EE5F792172EE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8FF2EC4-0C09-4C00-9956-A2A4A894F63D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D14D4B4E-120E-4607-A4F1-447C7BF3052E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15702ACB-29F3-412D-8805-E107E0729E35\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E930332-CDDD-48D5-93BC-C22D693BBFA2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29B34855-D8D2-4114-80D2-A4D159C62458\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BF4B8FE-E134-4491-B5C2-C1CFEB64731B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4226DA0-9371-401C-8247-E6E636A116C3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7664666F-BCE4-4799-AEEA-3A73E6AD33F4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3DBBFE9-835C-4411-8492-6006E74BAC65\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3293438-3D18-45A2-B093-2C3F65783336\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C97C29EE-9426-4BBE-8D84-AB5FF748703D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-x\\\\/3132q-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E142C18F-9FB5-4D96-866A-141D7D16CAF7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F43B770-D96C-44EA-BC12-9F39FC4317B9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7817F4E6-B2DA-4F06-95A4-AF329F594C02\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CED628B5-97A8-4B26-AA40-BEC854982157\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BB9DD73-E31D-4921-A6D6-E14E04703588\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq\\\\/pq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EFC116A-627F-4E05-B631-651D161217C8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4532F513-0543-4960-9877-01F23CA7BA1B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B43502B-FD53-465A-B60F-6A359C6ACD99\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3229124-B097-4AAC-8ACD-2F9C89DCC3AB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32A532C0-B0E3-484A-B356-88970E7D0248\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C84D24C-2256-42AF-898A-221EBE9FE1E4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"652A2849-668D-4156-88FB-C19844A59F33\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D008CA1C-6F5A-40EA-BB12-A9D84D5AF700\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24FBE87B-8A4F-43A8-98A3-4A7D9C630937\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6ACD09AC-8B28-4ACB-967B-AB3D450BC137\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43913A0E-50D5-47DD-94D8-DD3391633619\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D397349-CCC6-479B-9273-FB1FFF4F34F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC7286A7-780F-4A45-940A-4AD5C9D0F201\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA52D5C1-13D8-4D23-B022-954CCEF491F1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F7AF8D7-431B-43CE-840F-CC0817D159C0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAC204C8-1A5A-4E85-824E-DC9B8F6A802D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8E1073F-D374-4311-8F12-AD8C72FAA293\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAF5AF71-15DF-4151-A1CF-E138A7103FC8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10F80A72-AD54-4699-B8AE-82715F0B58E2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-x\\\\/xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E505C0B1-2119-4C6A-BF96-C282C633D169\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9354B6A2-D7D6-442E-BF4C-FE8A336D9E94\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"088C0323-683A-44F5-8D42-FF6EC85D080E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74CB4002-7636-4382-B33E-FBA060A13C34\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-x\\\\/xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"915EF8F6-6039-4DD0-B875-30D911752B74\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10CEBF73-3EE0-459A-86C5-F8F6243FE27C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97217080-455C-48E4-8CE1-6D5B9485864F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95D2C4C3-65CE-4612-A027-AF70CEFC3233\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57572E4A-78D5-4D1A-938B-F05F01759612\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2\\\\(7\\\\)\",\"matchCriteriaId\":\"EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3\\\\(1\\\\)\",\"versionEndExcluding\":\"10.3\\\\(5\\\\)\",\"matchCriteriaId\":\"0A236A0A-6956-4D79-B8E5-B2D0C79FAE88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4\\\\(1\\\\)\",\"versionEndExcluding\":\"10.4\\\\(2\\\\)\",\"matchCriteriaId\":\"BE71D34C-227A-4789-BA4D-79E5FDE311DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CD9C1F1-8582-4F67-A77D-97CBFECB88B8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"532CE4B0-A3C9-4613-AAAF-727817D06FB4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24CA1A59-2681-4507-AC74-53BD481099B9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4283E433-7F8C-4410-B565-471415445811\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFB9FDE8-8533-4F65-BF32-4066D042B2F7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F80AB6FB-32FD-43D7-A9F1-80FA47696210\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA5389A-8AD1-476E-983A-54DF573C30F5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5B2E4C1-2627-4B9D-8E92-4B483F647651\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1B1A8F1-45B1-4E64-A254-7191FA93CB6D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83DA8BFA-D7A2-476C-A6F5-CAE610033BC2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"557ED31C-C26A-4FAE-8B14-D06B49F7F08B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11411BFD-3F4D-4309-AB35-A3629A360FB0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB2FFD26-8255-4351-8594-29D2AEFC06EF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E663DE91-C86D-48DC-B771-FA72A8DF7A7C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E10975-B47E-4F4D-8096-AEC7B7733612\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A90184B3-C82F-4CE5-B2AD-97D5E4690871\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40E40F42-632A-47DF-BE33-DC25B826310B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16C64136-89C2-443C-AF7B-BED81D3DE25A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBEF7F26-BB47-44BD-872E-130820557C23\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07DE6F63-2C7D-415B-8C34-01EC05C062F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"182000E0-8204-4D8B-B7DE-B191AFE12E28\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F423E45D-A6DD-4305-9C6A-EAB26293E53A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDC208BC-7E19-48C6-A20E-A79A51B7362C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"102F91CD-DFB6-43D4-AE5B-DA157A696230\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E952A96A-0F48-4357-B7DD-1127D8827650\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"084D0191-563B-4FF0-B589-F35DA118E1C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7DB6FC5-762A-4F16-AE8C-69330EFCF640\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F70D81F1-8B12-4474-9060-B4934D8A3873\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5394DE31-3863-4CA9-B7B1-E5227183100D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"968390BC-B430-4903-B614-13104BFAE635\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7349D69B-D8FA-4462-AA28-69DD18A652D9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4BB834-2C00-4384-A78E-AF3BCDDC58AF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CE49B45-F2E9-491D-9C29-1B46E9CE14E2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BFAD21E-59EE-4CCE-8F1E-621D2EA50905\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91231DC6-2773-4238-8C14-A346F213B5E5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DF88547-BAF4-47B0-9F60-80A30297FCEB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02C3CE6D-BD54-48B1-A188-8E53DA001424\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"498991F7-39D6-428C-8C7D-DD8DC72A0346\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"113772B6-E9D2-4094-9468-3F4E1A87D07D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7B90D36-5124-4669-8462-4EAF35B0F53D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C45A38D6-BED6-4FEF-AD87-A1E813695DE0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1FC2B1F-232E-4754-8076-CC82F3648730\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F1127D2-12C0-454F-91EF-5EE334070D06\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D6EB963-E0F2-4A02-8765-AB2064BE19E9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"785FD17C-F32E-4042-9DDE-A89B3AAE0334\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEAAF99B-5406-4722-81FB-A91CBAC2DF41\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73DC1E93-561E-490C-AE0E-B02BAB9A7C8E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF467E2-4567-426E-8F48-39669E0F514C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63842B25-8C32-4988-BBBD-61E9CB09B4F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68EA1FEF-B6B6-49FE-A0A4-5387F76303F8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40D6DB7F-C025-4971-9615-73393ED61078\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4364ADB9-8162-451D-806A-B98924E6B2CF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B53BCB42-ED61-4FCF-8068-CB467631C63C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"737C724A-B6CD-4FF7-96E0-EBBF645D660E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7067AEC7-DFC8-4437-9338-C5165D9A8F36\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E0371B-FDE2-473C-AA59-47E1269D050F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"489D11EC-5A18-4F32-BC7C-AC1FCEC27222\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71D4CF15-B293-4403-A1A9-96AD3933BAEF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBCC1515-2DBE-4DF2-8E83-29A869170F36\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BC5293E-F2B4-46DC-85DA-167EA323FCFD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7282AAFF-ED18-4992-AC12-D953C35EC328\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA022E77-6557-4A33-9A3A-D028E2DB669A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"360409CC-4172-4878-A76B-EA1C1F8C7A79\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8D5D5E2-B40B-475D-9EF3-8441016E37E9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63BE0266-1C00-4D6A-AD96-7F82532ABAA7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73F59A4B-AE92-4533-8EDC-D1DD850309FF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"492A2C86-DD38-466B-9965-77629A73814F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FB7AA46-4018-4925-963E-719E1037F759\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31B9D1E4-10B9-4B6F-B848-D93ABF6486D6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_a\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB270C45-756E-400A-979F-D07D750C881A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E8A085C-2DBA-4269-AB01-B16019FBB4DA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_b\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A79DD582-AF68-44F1-B640-766B46EF2BE2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B04484DA-AA59-4833-916E-6A8C96D34F0D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"768BE390-5ED5-48A7-9E80-C4DE8BA979B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D07B5399-44C7-468D-9D57-BB5B5E26CE50\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDC2F709-AFBE-48EA-A3A2-DA1134534FB6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76FB64F-16F0-4B0B-B304-B46258D434BA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E02DC82-0D26-436F-BA64-73C958932B0A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E128053-834B-4DD5-A517-D14B4FC2B56F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"163743A1-09E7-4EC5-8ECA-79E4B9CE173B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE340E4C-DC48-4FC8-921B-EE304DB5AE0A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C367BBE0-D71F-4CB5-B50E-72B033E73FE1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85E1D224-4751-4233-A127-A041068C804A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD31B075-01B1-429E-83F4-B999356A0EB9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3284D16F-3275-4F8D-8AE4-D413DE19C4FA\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/10/7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/19/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/20/8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://blog.vespa.ai/cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1216123\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/Azure/AKS/issues/3947\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/Kong/kong/discussions/11741\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-vx74-f528-fxqg\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/akka/akka-http/issues/4323\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/alibaba/tengine/issues/1872\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/apisix/issues/10320\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd-site/pull/10\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/trafficserver/pull/10564\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/bcdannyboy/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/issues/5877\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/dotnet/announcements/issues/277\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/eclipse/jetty.project/issues/10679\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/envoyproxy/envoy/pull/30055\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/etcd-io/etcd/issues/16740\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/facebook/proxygen/pull/466\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/golang/go/issues/63417\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/grpc/grpc-go/pull/6703\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/grpc/grpc/releases/tag/v1.59.2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://github.com/h2o/h2o/pull/3291\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/haproxy/haproxy/issues/2312\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/junkurihara/rust-rpxy/issues/97\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/issues/93\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kubernetes/kubernetes/pull/121120\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/line/armeria/pull/5232\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/micrictor/http2-rst-stream\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/microsoft/CBL-Mariner/pull/6381\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/pull/1961\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ninenines/cowboy/issues/1615\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/nodejs/node/pull/50121\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/openresty/openresty/issues/930\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/opensearch-project/data-prepper/issues/3474\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/oqtane/oqtane.framework/discussions/3367\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/projectcontour/contour/pull/5826\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/tempesta-tech/tempesta/issues/1986\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/varnishcache/varnish-cache/issues/3996\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://istio.io/latest/news/security/istio-security-2023-004/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://my.f5.com/manage/s/article/K000137106\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://netty.io/news/2023/10/10/4-1-100-Final.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830987\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830998\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Press/Media Coverage\"]},{\"url\":\"https://news.ycombinator.com/item?id=37831062\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37837043\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231016-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240426-0007/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0007/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.paloaltonetworks.com/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5521\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5522\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5540\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5549\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5558\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5570\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/19/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/20/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/08/13/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://blog.vespa.ai/cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1216123\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/Azure/AKS/issues/3947\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/Kong/kong/discussions/11741\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-vx74-f528-fxqg\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/akka/akka-http/issues/4323\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/alibaba/tengine/issues/1872\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/apisix/issues/10320\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd-site/pull/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/trafficserver/pull/10564\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/bcdannyboy/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/issues/5877\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/dotnet/announcements/issues/277\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/eclipse/jetty.project/issues/10679\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/envoyproxy/envoy/pull/30055\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/etcd-io/etcd/issues/16740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/facebook/proxygen/pull/466\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/golang/go/issues/63417\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/grpc/grpc-go/pull/6703\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/pull/3291\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/haproxy/haproxy/issues/2312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/junkurihara/rust-rpxy/issues/97\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/issues/93\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kubernetes/kubernetes/pull/121120\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/line/armeria/pull/5232\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/micrictor/http2-rst-stream\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/microsoft/CBL-Mariner/pull/6381\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/pull/1961\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ninenines/cowboy/issues/1615\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/nodejs/node/pull/50121\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/openresty/openresty/issues/930\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/opensearch-project/data-prepper/issues/3474\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/oqtane/oqtane.framework/discussions/3367\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/projectcontour/contour/pull/5826\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/tempesta-tech/tempesta/issues/1986\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/varnishcache/varnish-cache/issues/3996\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://istio.io/latest/news/security/istio-security-2023-004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://my.f5.com/manage/s/article/K000137106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://netty.io/news/2023/10/10/4-1-100-Final.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830987\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830998\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Press/Media Coverage\"]},{\"url\":\"https://news.ycombinator.com/item?id=37831062\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37837043\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231016-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240426-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.paloaltonetworks.com/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5521\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5522\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5540\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5549\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5558\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-341067.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-784301.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-832273.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37831062\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/envoyproxy/envoy/pull/30055\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/haproxy/haproxy/issues/2312\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/eclipse/jetty.project/issues/10679\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nghttp2/nghttp2/pull/1961\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/alibaba/tengine/issues/1872\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37830987\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37830998\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/caddyserver/caddy/issues/5877\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/bcdannyboy/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/grpc/grpc-go/pull/6703\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://my.f5.com/manage/s/article/K000137106\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/microsoft/CBL-Mariner/pull/6381\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/facebook/proxygen/pull/466\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/micrictor/http2-rst-stream\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/h2o/h2o/pull/3291\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nodejs/node/pull/50121\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/dotnet/announcements/issues/277\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/golang/go/issues/63417\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-vx74-f528-fxqg\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/trafficserver/pull/10564\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/10/10/6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/opensearch-project/data-prepper/issues/3474\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kubernetes/kubernetes/pull/121120\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/oqtane/oqtane.framework/discussions/3367\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://netty.io/news/2023/10/10/4-1-100-Final.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37837043\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kazu-yamamoto/http2/issues/93\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5522\", \"name\": \"DSA-5522\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5521\", \"name\": \"DSA-5521\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/ninenines/cowboy/issues/1615\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/varnishcache/varnish-cache/issues/3996\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/tempesta-tech/tempesta/issues/1986\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.vespa.ai/cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/etcd-io/etcd/issues/16740\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://istio.io/latest/news/security/istio-security-2023-004/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/junkurihara/rust-rpxy/issues/97\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1216123\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/httpd-site/pull/10\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/projectcontour/contour/pull/5826\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/line/armeria/pull/5232\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/akka/akka-http/issues/4323\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/openresty/openresty/issues/930\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/apisix/issues/10320\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/Azure/AKS/issues/3947\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/Kong/kong/discussions/11741\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\", \"name\": \"[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/4\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/9\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\", \"name\": \"FEDORA-2023-ed2642fd58\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231016-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/4\", \"name\": \"[oss-security] 20231018 Vulnerability in Jenkins\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/8\", \"name\": \"[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/19/6\", \"name\": \"[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\", \"name\": \"FEDORA-2023-54fadada12\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\", \"name\": \"FEDORA-2023-5ff7bf1dd8\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/20/8\", \"name\": \"[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\", \"name\": \"FEDORA-2023-17efd3f2cd\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\", \"name\": \"FEDORA-2023-d5030c983c\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\", \"name\": \"FEDORA-2023-0259c3f26f\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\", \"name\": \"FEDORA-2023-2a9214af5f\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\", \"name\": \"FEDORA-2023-e9c04d81c1\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\", \"name\": \"FEDORA-2023-f66fc0f62a\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\", \"name\": \"FEDORA-2023-4d2fd884ea\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\", \"name\": \"FEDORA-2023-b2c50535cb\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"name\": \"FEDORA-2023-fe53e13b5b\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"name\": \"FEDORA-2023-4bf641255e\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\", \"name\": \"[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5540\", \"name\": \"DSA-5540\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\", \"name\": \"[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\", \"name\": \"FEDORA-2023-1caffb88af\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\", \"name\": \"FEDORA-2023-3f70b8d406\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\", \"name\": \"FEDORA-2023-7b52921cae\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\", \"name\": \"FEDORA-2023-7934802344\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\", \"name\": \"FEDORA-2023-dbe64661af\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"name\": \"FEDORA-2023-822aab0a5a\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\", \"name\": \"[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5549\", \"name\": \"DSA-5549\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\", \"name\": \"FEDORA-2023-c0c6a91330\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\", \"name\": \"FEDORA-2023-492b7be466\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5558\", \"name\": \"DSA-5558\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\", \"name\": \"[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"name\": \"GLSA-202311-09\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5570\", \"name\": \"DSA-5570\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0007/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0007/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2025/08/13/6\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T21:08:27.383Z\"}}, {\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM APE1808\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SINEC NMS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-832273.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-341067.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-784301.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-05-12T10:52:23.784Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-44487\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-23T20:34:21.334116Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2023-10-10\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*\"], \"vendor\": \"ietf\", \"product\": \"http\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0\"}], \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-10-10T00:00:00.000Z\", \"value\": \"CVE-2023-44487 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-16T18:31:22.372Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\"}, {\"url\": \"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\"}, {\"url\": \"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\"}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\"}, {\"url\": \"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\"}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\"}, {\"url\": \"https://news.ycombinator.com/item?id=37831062\"}, {\"url\": \"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\"}, {\"url\": \"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\"}, {\"url\": \"https://github.com/envoyproxy/envoy/pull/30055\"}, {\"url\": \"https://github.com/haproxy/haproxy/issues/2312\"}, {\"url\": \"https://github.com/eclipse/jetty.project/issues/10679\"}, {\"url\": \"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\"}, {\"url\": \"https://github.com/nghttp2/nghttp2/pull/1961\"}, {\"url\": \"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\"}, {\"url\": \"https://github.com/alibaba/tengine/issues/1872\"}, {\"url\": \"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\"}, {\"url\": \"https://news.ycombinator.com/item?id=37830987\"}, {\"url\": \"https://news.ycombinator.com/item?id=37830998\"}, {\"url\": \"https://github.com/caddyserver/caddy/issues/5877\"}, {\"url\": \"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\"}, {\"url\": \"https://github.com/bcdannyboy/CVE-2023-44487\"}, {\"url\": \"https://github.com/grpc/grpc-go/pull/6703\"}, {\"url\": \"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\"}, {\"url\": \"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\"}, {\"url\": \"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\"}, {\"url\": \"https://my.f5.com/manage/s/article/K000137106\"}, {\"url\": \"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\"}, {\"url\": \"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\"}, {\"url\": \"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/10/7\", \"name\": \"[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/10/6\", \"name\": \"[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\"}, {\"url\": \"https://github.com/microsoft/CBL-Mariner/pull/6381\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\"}, {\"url\": \"https://github.com/facebook/proxygen/pull/466\"}, {\"url\": \"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\"}, {\"url\": \"https://github.com/micrictor/http2-rst-stream\"}, {\"url\": \"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\"}, {\"url\": \"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\"}, {\"url\": \"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\"}, {\"url\": \"https://github.com/h2o/h2o/pull/3291\"}, {\"url\": \"https://github.com/nodejs/node/pull/50121\"}, {\"url\": \"https://github.com/dotnet/announcements/issues/277\"}, {\"url\": \"https://github.com/golang/go/issues/63417\"}, {\"url\": \"https://github.com/advisories/GHSA-vx74-f528-fxqg\"}, {\"url\": \"https://github.com/apache/trafficserver/pull/10564\"}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\"}, {\"url\": \"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\"}, {\"url\": \"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/10/10/6\"}, {\"url\": \"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\"}, {\"url\": \"https://github.com/opensearch-project/data-prepper/issues/3474\"}, {\"url\": \"https://github.com/kubernetes/kubernetes/pull/121120\"}, {\"url\": \"https://github.com/oqtane/oqtane.framework/discussions/3367\"}, {\"url\": \"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\"}, {\"url\": \"https://netty.io/news/2023/10/10/4-1-100-Final.html\"}, {\"url\": \"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\"}, {\"url\": \"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\"}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\"}, {\"url\": \"https://news.ycombinator.com/item?id=37837043\"}, {\"url\": \"https://github.com/kazu-yamamoto/http2/issues/93\"}, {\"url\": \"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\"}, {\"url\": \"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\"}, {\"url\": \"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5522\", \"name\": \"DSA-5522\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5521\", \"name\": \"DSA-5521\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-44487\"}, {\"url\": \"https://github.com/ninenines/cowboy/issues/1615\"}, {\"url\": \"https://github.com/varnishcache/varnish-cache/issues/3996\"}, {\"url\": \"https://github.com/tempesta-tech/tempesta/issues/1986\"}, {\"url\": \"https://blog.vespa.ai/cve-2023-44487/\"}, {\"url\": \"https://github.com/etcd-io/etcd/issues/16740\"}, {\"url\": \"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\"}, {\"url\": \"https://istio.io/latest/news/security/istio-security-2023-004/\"}, {\"url\": \"https://github.com/junkurihara/rust-rpxy/issues/97\"}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1216123\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\"}, {\"url\": \"https://ubuntu.com/security/CVE-2023-44487\"}, {\"url\": \"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\"}, {\"url\": \"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\"}, {\"url\": \"https://github.com/apache/httpd-site/pull/10\"}, {\"url\": \"https://github.com/projectcontour/contour/pull/5826\"}, {\"url\": \"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\"}, {\"url\": \"https://github.com/line/armeria/pull/5232\"}, {\"url\": \"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\"}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2023-44487\"}, {\"url\": \"https://github.com/akka/akka-http/issues/4323\"}, {\"url\": \"https://github.com/openresty/openresty/issues/930\"}, {\"url\": \"https://github.com/apache/apisix/issues/10320\"}, {\"url\": \"https://github.com/Azure/AKS/issues/3947\"}, {\"url\": \"https://github.com/Kong/kong/discussions/11741\"}, {\"url\": \"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\"}, {\"url\": \"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\"}, {\"url\": \"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\", \"name\": \"[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/4\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/9\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\"}, {\"url\": \"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\", \"name\": \"FEDORA-2023-ed2642fd58\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231016-0001/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/4\", \"name\": \"[oss-security] 20231018 Vulnerability in Jenkins\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/8\", \"name\": \"[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/19/6\", \"name\": \"[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\", \"name\": \"FEDORA-2023-54fadada12\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\", \"name\": \"FEDORA-2023-5ff7bf1dd8\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/20/8\", \"name\": \"[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\", \"name\": \"FEDORA-2023-17efd3f2cd\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\", \"name\": \"FEDORA-2023-d5030c983c\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\", \"name\": \"FEDORA-2023-0259c3f26f\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\", \"name\": \"FEDORA-2023-2a9214af5f\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\", \"name\": \"FEDORA-2023-e9c04d81c1\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\", \"name\": \"FEDORA-2023-f66fc0f62a\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\", \"name\": \"FEDORA-2023-4d2fd884ea\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\", \"name\": \"FEDORA-2023-b2c50535cb\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"name\": \"FEDORA-2023-fe53e13b5b\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"name\": \"FEDORA-2023-4bf641255e\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\", \"name\": \"[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5540\", \"name\": \"DSA-5540\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\", \"name\": \"[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\", \"name\": \"FEDORA-2023-1caffb88af\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\", \"name\": \"FEDORA-2023-3f70b8d406\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\", \"name\": \"FEDORA-2023-7b52921cae\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\", \"name\": \"FEDORA-2023-7934802344\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\", \"name\": \"FEDORA-2023-dbe64661af\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"name\": \"FEDORA-2023-822aab0a5a\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\", \"name\": \"[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5549\", \"name\": \"DSA-5549\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\", \"name\": \"FEDORA-2023-c0c6a91330\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\", \"name\": \"FEDORA-2023-492b7be466\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5558\", \"name\": \"DSA-5558\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\", \"name\": \"[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"name\": \"GLSA-202311-09\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5570\", \"name\": \"DSA-5570\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0007/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0007/\"}, {\"url\": \"https://github.com/grpc/grpc/releases/tag/v1.59.2\"}, {\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-06-07T20:05:34.376Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-44487\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-12T10:52:23.784Z\", \"dateReserved\": \"2023-09-29T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2023-10-10T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2023:7522
Vulnerability from csaf_redhat - Published: 2023-11-28 13:45 - Updated: 2026-06-30 08:41Summary
Red Hat Security Advisory: OpenShift Virtualization 4.13.6 security and bug fix update
Severity
Important
Notes
Topic: Red Hat OpenShift Virtualization release 4.13.6 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization 4.13.6 images.
Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Virtual machine export is not working on Quota defined namespace (BZ#2236422)
* [4.13] Host assisted clone hangs because some provisioners don't allow mounting block PVC read only (BZ#2247666)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
70 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
90 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64 | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 4.13.6 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains OpenShift Virtualization 4.13.6 images.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Virtual machine export is not working on Quota defined namespace (BZ#2236422)\n\n* [4.13] Host assisted clone hangs because some provisioners don\u0027t allow mounting block PVC read only (BZ#2247666)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7522",
"url": "https://access.redhat.com/errata/RHSA-2023:7522"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2236422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236422"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "2247666",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247666"
},
{
"category": "external",
"summary": "CNV-34788",
"url": "https://issues.redhat.com/browse/CNV-34788"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7522.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 4.13.6 security and bug fix update",
"tracking": {
"current_release_date": "2026-06-30T08:41:50+00:00",
"generator": {
"date": "2026-06-30T08:41:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2023:7522",
"initial_release_date": "2023-11-28T13:45:02+00:00",
"revision_history": [
{
"date": "2023-11-28T13:45:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-28T13:45:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T08:41:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 4.13 for RHEL 9",
"product": {
"name": "CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64",
"product": {
"name": "container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64",
"product_id": "container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/bridge-marker-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64",
"product": {
"name": "container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64",
"product_id": "container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cluster-network-addons-operator-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64",
"product": {
"name": "container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64",
"product_id": "container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-containernetworking-plugins-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64",
"product": {
"name": "container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64",
"product_id": "container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-must-gather-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64",
"product": {
"name": "container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64",
"product_id": "container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hco-bundle-registry-rhel9\u0026tag=v4.13.6.rhel9--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64",
"product": {
"name": "container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64",
"product_id": "container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-csi-driver-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-operator-rhel9\u0026tag=v4.13.6-1"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-operator-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-webhook-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64",
"product": {
"name": "container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64",
"product_id": "container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubemacpool-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64",
"product": {
"name": "container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64",
"product_id": "container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubesecondarydns-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64",
"product_id": "container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-console-plugin-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64",
"product_id": "container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-dpdk-checkup-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64",
"product_id": "container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-ssp-operator-rhel9\u0026tag=v4.13.6-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64",
"product_id": "container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-template-validator-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64",
"product": {
"name": "container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64",
"product_id": "container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64",
"product": {
"name": "container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64",
"product_id": "container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/multus-dynamic-networks-rhel9\u0026tag=v4.13.6-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64",
"product_id": "container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-plugin-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64",
"product": {
"name": "container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64",
"product_id": "container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64",
"product": {
"name": "container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64",
"product_id": "container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64",
"product_id": "container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-apiserver-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64",
"product_id": "container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-cloner-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64",
"product_id": "container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-controller-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64",
"product_id": "container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-importer-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64",
"product_id": "container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-operator-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadproxy-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadserver-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64",
"product": {
"name": "container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64",
"product_id": "container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64",
"product": {
"name": "container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64",
"product_id": "container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64",
"product": {
"name": "container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64",
"product_id": "container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64",
"product": {
"name": "container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64",
"product_id": "container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64",
"product": {
"name": "container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64",
"product_id": "container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virtio-win-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64",
"product": {
"name": "container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64",
"product_id": "container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64",
"product": {
"name": "container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64",
"product_id": "container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64",
"product": {
"name": "container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64",
"product_id": "container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-console-proxy-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64",
"product": {
"name": "container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64",
"product_id": "container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-network-latency-checkup-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64",
"product": {
"name": "container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64",
"product_id": "container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/bridge-marker-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64",
"product": {
"name": "container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64",
"product_id": "container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/cluster-network-addons-operator-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64",
"product": {
"name": "container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64",
"product_id": "container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-containernetworking-plugins-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64",
"product": {
"name": "container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64",
"product_id": "container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-must-gather-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64",
"product": {
"name": "container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64",
"product_id": "container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/hco-bundle-registry-rhel9\u0026tag=v4.13.6.rhel9--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64",
"product": {
"name": "container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64",
"product_id": "container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-csi-driver-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64",
"product_id": "container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-operator-rhel9\u0026tag=v4.13.6-1"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64",
"product_id": "container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-operator-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64",
"product_id": "container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-webhook-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64",
"product": {
"name": "container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64",
"product_id": "container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubemacpool-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64",
"product": {
"name": "container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64",
"product_id": "container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubesecondarydns-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64",
"product": {
"name": "container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64",
"product_id": "container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-console-plugin-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64",
"product": {
"name": "container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64",
"product_id": "container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-dpdk-checkup-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64",
"product": {
"name": "container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64",
"product_id": "container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-ssp-operator-rhel9\u0026tag=v4.13.6-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64",
"product": {
"name": "container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64",
"product_id": "container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-template-validator-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64",
"product": {
"name": "container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64",
"product_id": "container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64",
"product": {
"name": "container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64",
"product_id": "container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/multus-dynamic-networks-rhel9\u0026tag=v4.13.6-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64",
"product": {
"name": "container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64",
"product_id": "container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-plugin-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64",
"product": {
"name": "container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64",
"product_id": "container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64",
"product": {
"name": "container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64",
"product_id": "container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64",
"product": {
"name": "container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64",
"product_id": "container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-apiserver-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64",
"product": {
"name": "container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64",
"product_id": "container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-cloner-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64",
"product": {
"name": "container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64",
"product_id": "container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-controller-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64",
"product": {
"name": "container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64",
"product_id": "container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-importer-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64",
"product": {
"name": "container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64",
"product_id": "container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-operator-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64",
"product_id": "container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadproxy-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64",
"product_id": "container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadserver-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64",
"product": {
"name": "container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64",
"product_id": "container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64",
"product": {
"name": "container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64",
"product_id": "container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64",
"product": {
"name": "container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64",
"product_id": "container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64",
"product": {
"name": "container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64",
"product_id": "container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64",
"product": {
"name": "container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64",
"product_id": "container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virtio-win-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64",
"product": {
"name": "container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64",
"product_id": "container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64",
"product": {
"name": "container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64",
"product_id": "container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64",
"product": {
"name": "container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64",
"product_id": "container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-console-proxy-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64",
"product": {
"name": "container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64",
"product_id": "container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-network-latency-checkup-rhel9\u0026tag=v4.13.6--2023-123262"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64"
},
"product_reference": "container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64"
},
"product_reference": "container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64"
},
"product_reference": "container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64"
},
"product_reference": "container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64"
},
"product_reference": "container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64"
},
"product_reference": "container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64"
},
"product_reference": "container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64"
},
"product_reference": "container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64"
},
"product_reference": "container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64"
},
"product_reference": "container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64"
},
"product_reference": "container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64"
},
"product_reference": "container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64"
},
"product_reference": "container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64"
},
"product_reference": "container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64"
},
"product_reference": "container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64"
},
"product_reference": "container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64"
},
"product_reference": "container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64"
},
"product_reference": "container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64"
},
"product_reference": "container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64"
},
"product_reference": "container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64"
},
"product_reference": "container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64"
},
"product_reference": "container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64"
},
"product_reference": "container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64"
},
"product_reference": "container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64"
},
"product_reference": "container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64"
},
"product_reference": "container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64"
},
"product_reference": "container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64"
},
"product_reference": "container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64"
},
"product_reference": "container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64"
},
"product_reference": "container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64"
},
"product_reference": "container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64"
},
"product_reference": "container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64"
},
"product_reference": "container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64"
},
"product_reference": "container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64"
},
"product_reference": "container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64"
},
"product_reference": "container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64"
},
"product_reference": "container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64"
},
"product_reference": "container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64"
},
"product_reference": "container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64"
},
"product_reference": "container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64"
},
"product_reference": "container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64"
},
"product_reference": "container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64"
},
"product_reference": "container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64"
},
"product_reference": "container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64"
},
"product_reference": "container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64"
},
"product_reference": "container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64"
},
"product_reference": "container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64"
},
"product_reference": "container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64"
},
"product_reference": "container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64"
},
"product_reference": "container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64"
},
"product_reference": "container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64",
"relates_to_product_reference": "9Base-CNV-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64 as a component of CNV 4.13 for RHEL 9",
"product_id": "9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64"
},
"product_reference": "container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64",
"relates_to_product_reference": "9Base-CNV-4.13"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64"
],
"known_not_affected": [
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-28T13:45:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7522"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64",
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64",
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64",
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64"
],
"known_not_affected": [
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64",
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-28T13:45:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7522"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64",
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:0e71d3c240537211edc18dfdfb3e5a3eca9f88a53ee3fd7d58dc18074644a69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/bridge-marker-rhel9@sha256:d85a4f8ec1cea7bba6575be9984f48fce5a4600b562fb072780719f1bc5ed80e_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:107d04e43edd1399d48742b8830dcba237809320a1fec8b4f68782b0efc2fd86_arm64",
"9Base-CNV-4.13:container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f559d2bdbd8487f726498d10f96a3951f0e44b7c063939cabfca16e74c35bd68_amd64",
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:70ddbdb6e7c61024cb4249af53a943a40fcf09d7867c55e91d10a61f90dee9f9_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:92c79fa3527d94798647e08d652d3efa3de951792938514d1c975216a9deb6b1_amd64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:01237c51aae3adceeea01460602c5bb900357444cae56ae0e22e99c818435692_arm64",
"9Base-CNV-4.13:container-native-virtualization/cnv-must-gather-rhel9@sha256:1fe01e810e8e7b6b86d60199113bd59ca65fe92f7619c9fb7e953ac6eef5d3e3_amd64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:1b696ba369b10f370f5e13d5cb86cacd34fae5406454e2f89a91708b34efd350_arm64",
"9Base-CNV-4.13:container-native-virtualization/hco-bundle-registry-rhel9@sha256:bd1138c5193f4141105fdf665bf60693631ee6edafa8688cd541534fb8b4da88_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:4d3b8bc4aebf94a9fd4247bca243e7a19e9bc7ddb0060f3020eaae90a4d3b554_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-csi-driver-rhel9@sha256:67a15301595b1552963b684a2bdcbabd0b7c9f64efea05a22f1defaeb802e000_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:46935d95ae6c7861756fee7c4026d7877d6991ae7d237aeade91694c98ececd6_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:91d2e6eb9652199683914aa039cb9e1df6f17f1c9a4c8bde03cb8dbf146cf66e_arm64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:9ebff9a91c3fb8018cafc2f47834375575921677a1dd30b5d4b8205a3fc9b08e_amd64",
"9Base-CNV-4.13:container-native-virtualization/hostpath-provisioner-rhel9@sha256:a66f5bdcf12014dc03a240fcdb800545c992b7f6b3fe8471b10431e98ab1abc9_arm64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:01630384f181e43217d435dcc0ae92e137bf976876690b68c442e59cc4b50d80_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:18d5ce221b8b2c938b2d52d6751e4679b57a7723ff02698ab0fce89c4c160bd9_arm64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:380f2d6a3b273717a130ff60531efbcbad5031b503d6be70e74f0dad77e61e48_amd64",
"9Base-CNV-4.13:container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ab8e7f2fac2870e0ac55a6b22ecac1120db26f9203687588be13ad3e644835a3_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:016464c7400ea5e04d1d4df40bec38bd4dde83d8f79db0c54a8d81e803b8fb79_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubemacpool-rhel9@sha256:81e70858aab8bda6cc23788eab031ec38b00b45fb87a4358a98d11f511030396_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:a82f6e4ae5e2f3f26e81b5ed030a892c48165a69584cdb636bc281c2f63ab3f0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubesecondarydns-rhel9@sha256:c7f3ad8727cda85d27466ccba129d0835e2a40cd23a1104e5d688887144d0eac_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:44425d1d119a2f9cb64dfad35ef5699b246ac4373e13c3184db67e53c7de4c01_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5a053e4919a82d77a3b889ea0d67e2cb8fcdb3c0490eaaee2a2c6695ff7b8bc3_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:eb09be5eb5cc9c61ac72e16d868001911cb900cee4e0d4b33e0e1bf2121b8bd1_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:ebf7a7fccbcfde5a5e41789bc6674b956b24f9ea467b0b1a78c8e4edf3ef84b0_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:10505edee0e2e0deedb789149d5393da6a654dd509b01eaec0831fa687efdafd_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:29923097262e92e2ea605816ab5dc49a8e391da69443d874ddb79202b9af51cf_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:13618d47989e341d083ccfc8562031fa70c1b40c74962cbab719b2dd0816554d_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:9ba387cfd3ac34a6feb5dca25702a9a5361dfe81b4c4837fb916ec25952d4c39_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1084bb29c47de1ef44825f2fafcaa69ef6099dadb7f5a4b79157a62c936b82c2_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:a1c68142038f9c1e8c09d0160c2c419900a672ebfdf6ca2ed8654f7111b39ea9_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e12388f059afbd197b3d522f078c98ca78b937d6306b73e1797eedf838f8ba5_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:9e6271542b1628a195ea3fbe5eaba8344d395c861c2ecfc71d1f031dd41aa79c_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:326c0ae083455c35ea6af7a7e81d4fe345fb0eeb9dfa141b32c53e9679cce929_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:ad8302605f2ad0bd58cdc6ccf3121cd5d626b4cda25fa879cf6baf340f60e5e1_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:3ed508b877d1b1ed91a9e092b9cee738471d705f9dbfb7f9af8f3e627a8a9d06_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:8d70b6abac3ed0f2af3b2ce2017ca6a26619e2bbf57ffd91137448a3195d1061_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d418e632cbce9b80986597698fec46298f5c4543d886b22b66b2d29367915456_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:eee2a83077e00faba6b8ae62dce61b2e03cb5a19a68a724b55b2ea70b709302d_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:18c1bba00e243364d013c4d113c0685a9d5097111a296c0c01883b5440d44e56_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:1969c2916efecbd6422f5e994dd6950295e87addfc82ab02fc7d336087ff7bd0_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:58432b96b2bd469584d3c5492a4bf2b932276ea4d32ce19f9fd123bc6c5a1d93_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:7aefe2a125e668580ed6b175c5d650c2d14df33718a45081a5cb3f415787e348_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:6f0c6a06344c2ae997bcd6318c7c33434270563c7f74394f31732f33af5429ee_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8e5b9f9ff73f7a8665bd463e4fe1c7a3672760c552ca52e5a81975a13ef20fa5_arm64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:c98f4ef7277902010d91f6a0c9dee0c1773e61a60754204fa6463ff92e1ded80_amd64",
"9Base-CNV-4.13:container-native-virtualization/kubevirt-template-validator-rhel9@sha256:f1e61b9acc97c059a5976ef1a1a88ece74ce2032726a86822bc376381ab67ad3_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:5baa2f7b1d1041ca38a51bc2afd7657a5e9ac485f1cc676cdbb4f1ab39782d04_arm64",
"9Base-CNV-4.13:container-native-virtualization/libguestfs-tools-rhel9@sha256:dfc089d7a360ce8741058710348f5bcd14d3644fb8f47616195e1ee25bf2d6c6_amd64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:daf59cf25c54c336cc34862a297c9bdf03e898dbede98e0f2ca34ef1afeec3aa_arm64",
"9Base-CNV-4.13:container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f8294e9932f5bd8e6a5396c1cdd648c81e787788bdd30ac1a5701d383f222f4e_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0a2c2835ba5b828fb97e7645dd68f03a14c308a470e7147c6174d8d5ada11de0_amd64",
"9Base-CNV-4.13:container-native-virtualization/ovs-cni-plugin-rhel9@sha256:96d1fc0366532f53aeab7438d4805807964d79188ad240a116e891075aaa4512_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:10de7c74d019f1146ddb93943810037849a1132b4c4df61b5f4184c3ecf9e69c_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-api-rhel9@sha256:c169c2406713b935ef99db16ac25546c56c35407fbe2c9700b08a85310ad0fe6_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:0e9a9f512e980da1cb67882667c88bb2f5860e5f7d51e9b249859413510acaf4_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-artifacts-server-rhel9@sha256:905d1c79e6577e9e5dba896ca6b24914b8bdf203f84fb6d2107b8ffaeeb60de4_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:d3a725b602d28a5fae21e03d629706baf0c171ecc7798cdb9fc2b82ca9e12474_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:eb90db30b736d5f0fd47540142105f837b03d7d39ccfb29542e5edb9b0fed96b_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:5bdea09f1c761544b93f7253a84bda794f518276f5fb11cde5dc188b1dc536ce_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-cloner-rhel9@sha256:e214218ed2008370a3e17889780171890dbe21baec315d3b87903ad9d3c06ee3_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:071c30274715467149dbb835cdbca395d48e41b98bdaaff3a261fb82cd2bf471_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-controller-rhel9@sha256:292e78073b80e1559110c267a25dc3c5000f767046aea2c6d18f7a6bfdd2a3f6_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:8d3ac293847b9314980a9142645cb69c541263eea18efb85a1872a56a061d0f1_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-importer-rhel9@sha256:c0629b38e9cfea842fe0c1b2a90c9750b31242ac7a71ae51418068f69bb51424_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:7c3a59429cb99215aec23cb956a1871ebe1d9e62197120e716b5bcc2e1dd6964_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-operator-rhel9@sha256:fdbd6dc5be9638ffdbb1aef724d6a46ec2ba1beb6e16c089d4d05fb28aa4f794_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7a171c401dfeb5552805ac3b4038f0ef341ef7655e36e71897ab6e6682fa3bc5_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7b21effa6d3e7e6852eda6df2bdb932f844278737c5926c7ec5645c2722786dc_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:74f7c60a7c34d8af32b082f02e7f7338efafe0792ba386b2703f05ac1a7c49c2_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:8f7d079101239ef1071771bcb3122c51134b4fd06dab34a1ea6e8454492045c7_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:71a719d5eaa4db12b17f602bcf2d3231fcd9a47cc631153b44e8f22ce1e1f307_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-controller-rhel9@sha256:f40ccbed7cb8c6c488cae4c8e569789a508e4e9c490dba4e8aca667b7ae95853_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:716b79da2f6ce3e9ee19bd3a1e9932afcfbeb0395783c0de492da49e1f26fc5b_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportproxy-rhel9@sha256:9b03b296b984ca9140224eb0158fab9e77a6645cc43ab4207de891a538eb1300_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:048303ba05b860b512848c5cfc9ca03c4106781a4d8aff9c3255b48af9391886_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-exportserver-rhel9@sha256:60a187ab354a59e5cb367e313e62a36ee6a674141ae04526d3e7a29152792d7e_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:28c43deef9f4b766bbcfdd97c3ace0945c12e446775ba842287bb633b4e9936d_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-handler-rhel9@sha256:dd73561b49637055dc43c0659f89f969bd45761993586bed9e19ef13e2479708_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:d8609dd0052664ee59e4bb91b3548ac589b487ca4ebcb91bda42ba52ff62b6db_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-launcher-rhel9@sha256:f9841e11df1c4a2eb6c5b90c6540ca3af8de2a5f6249fd2793e7f632e420f848_amd64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:53c39955d0419e0d93e5895bc1bed8bf14b3e4f319343bf17745ee7e56b42a42_arm64",
"9Base-CNV-4.13:container-native-virtualization/virt-operator-rhel9@sha256:dfc42f4a3243e8533c62f6d8314b6878d8a8f10d46d5481537848b9187b5a4cd_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:b0ee06ec0f4764f15ab360c8915f4b4110073a9501f5901ce6acd0051df6e868_amd64",
"9Base-CNV-4.13:container-native-virtualization/virtio-win-rhel9@sha256:c38ad9283ef7dbddaa430538cd5ab694721b3d60c2115c019a5c49cf1b936649_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:1b53c2b30db706797bdb1c5d6f08e8e66e009eb87ee5c3ace6196e8940c6a43a_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-console-proxy-rhel9@sha256:91cad92cf5849d910a26ca8d704963372818f23619656032893291530633935c_amd64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:52aac6b150521d0aa2b7ac6627c75dab0e55e8aa96690afa2d8818ff3262faf0_arm64",
"9Base-CNV-4.13:container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:ac207fe8bbbbeb066a604246da46bdec218aa90fef62e490c047cc60ab5b222f_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:7555
Vulnerability from csaf_redhat - Published: 2023-11-28 18:50 - Updated: 2026-06-30 08:41Summary
Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.3.0 security update
Severity
Important
Notes
Topic: OpenShift API for Data Protection (OADP) 1.3.0 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.
Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* opentelemetry: DoS vulnerability in otelhttp (CVE-2023-45142)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
A memory leak was found in the otelhttp handler of open-telemetry. This flaw allows a remote, unauthenticated attacker to exhaust the server's memory by sending many malicious requests, affecting the availability.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
References
57 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift API for Data Protection (OADP) 1.3.0 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* opentelemetry: DoS vulnerability in otelhttp (CVE-2023-45142)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7555",
"url": "https://access.redhat.com/errata/RHSA-2023:7555"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "2245180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245180"
},
{
"category": "external",
"summary": "OADP-1167",
"url": "https://issues.redhat.com/browse/OADP-1167"
},
{
"category": "external",
"summary": "OADP-2308",
"url": "https://issues.redhat.com/browse/OADP-2308"
},
{
"category": "external",
"summary": "OADP-2360",
"url": "https://issues.redhat.com/browse/OADP-2360"
},
{
"category": "external",
"summary": "OADP-2450",
"url": "https://issues.redhat.com/browse/OADP-2450"
},
{
"category": "external",
"summary": "OADP-2607",
"url": "https://issues.redhat.com/browse/OADP-2607"
},
{
"category": "external",
"summary": "OADP-2635",
"url": "https://issues.redhat.com/browse/OADP-2635"
},
{
"category": "external",
"summary": "OADP-2679",
"url": "https://issues.redhat.com/browse/OADP-2679"
},
{
"category": "external",
"summary": "OADP-2680",
"url": "https://issues.redhat.com/browse/OADP-2680"
},
{
"category": "external",
"summary": "OADP-2681",
"url": "https://issues.redhat.com/browse/OADP-2681"
},
{
"category": "external",
"summary": "OADP-2686",
"url": "https://issues.redhat.com/browse/OADP-2686"
},
{
"category": "external",
"summary": "OADP-2688",
"url": "https://issues.redhat.com/browse/OADP-2688"
},
{
"category": "external",
"summary": "OADP-2696",
"url": "https://issues.redhat.com/browse/OADP-2696"
},
{
"category": "external",
"summary": "OADP-2717",
"url": "https://issues.redhat.com/browse/OADP-2717"
},
{
"category": "external",
"summary": "OADP-2721",
"url": "https://issues.redhat.com/browse/OADP-2721"
},
{
"category": "external",
"summary": "OADP-2741",
"url": "https://issues.redhat.com/browse/OADP-2741"
},
{
"category": "external",
"summary": "OADP-2742",
"url": "https://issues.redhat.com/browse/OADP-2742"
},
{
"category": "external",
"summary": "OADP-2774",
"url": "https://issues.redhat.com/browse/OADP-2774"
},
{
"category": "external",
"summary": "OADP-2790",
"url": "https://issues.redhat.com/browse/OADP-2790"
},
{
"category": "external",
"summary": "OADP-2796",
"url": "https://issues.redhat.com/browse/OADP-2796"
},
{
"category": "external",
"summary": "OADP-2819",
"url": "https://issues.redhat.com/browse/OADP-2819"
},
{
"category": "external",
"summary": "OADP-2856",
"url": "https://issues.redhat.com/browse/OADP-2856"
},
{
"category": "external",
"summary": "OADP-2862",
"url": "https://issues.redhat.com/browse/OADP-2862"
},
{
"category": "external",
"summary": "OADP-2921",
"url": "https://issues.redhat.com/browse/OADP-2921"
},
{
"category": "external",
"summary": "OADP-2959",
"url": "https://issues.redhat.com/browse/OADP-2959"
},
{
"category": "external",
"summary": "OADP-2981",
"url": "https://issues.redhat.com/browse/OADP-2981"
},
{
"category": "external",
"summary": "OADP-2983",
"url": "https://issues.redhat.com/browse/OADP-2983"
},
{
"category": "external",
"summary": "OADP-3053",
"url": "https://issues.redhat.com/browse/OADP-3053"
},
{
"category": "external",
"summary": "OADP-3054",
"url": "https://issues.redhat.com/browse/OADP-3054"
},
{
"category": "external",
"summary": "OADP-446",
"url": "https://issues.redhat.com/browse/OADP-446"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7555.json"
}
],
"title": "Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.3.0 security update",
"tracking": {
"current_release_date": "2026-06-30T08:41:45+00:00",
"generator": {
"date": "2026-06-30T08:41:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2023:7555",
"initial_release_date": "2023-11-28T18:50:01+00:00",
"revision_history": [
{
"date": "2023-11-28T18:50:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-28T18:50:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T08:41:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "9Base-OADP-1.3",
"product": {
"name": "9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_api_data_protection:1.3::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift API for Data Protection"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.0-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.0-138"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"product_id": "oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.0-156"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"product_id": "oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.0-97"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"product_id": "oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.0-50"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.0-32"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.0-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.0-34"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.0-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.0-30"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.0-45"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.0-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.0-138"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"product_id": "oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.0-156"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"product_id": "oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.0-97"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"product_id": "oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.0-50"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.0-32"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.0-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.0-34"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.0-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.0-30"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.0-45"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.0-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.0-138"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"product_id": "oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.0-156"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"product_id": "oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.0-97"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"product_id": "oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.0-50"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.0-32"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.0-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.0-34"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.0-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.0-30"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.0-45"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.0-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.0-138"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"product_id": "oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.0-156"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"product_id": "oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.0-97"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le",
"product_id": "oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.0-50"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.0-32"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.0-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.0-34"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.0-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.0-30"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.0-45"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-28T18:50:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7555"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-28T18:50:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7555"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
},
{
"cve": "CVE-2023-45142",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-10-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2245180"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak was found in the otelhttp handler of open-telemetry. This flaw allows a remote, unauthenticated attacker to exhaust the server\u0027s memory by sending many malicious requests, affecting the availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "opentelemetry: DoS vulnerability in otelhttp",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While no authentication is required, there are a significant number of non-default factors which prevent widespread exploitation of this flaw. For a service to be affected, all of the following must be true:\n* The go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp package must be in use\n* Configured a metrics pipeline which uses the otelhttp.NewHandler wrapper function\n* No filtering of unknown HTTP methods or user agents at a higher level (such as Content Delivery Network/Load Balancer/etc...)\n\nDue to the limited attack surface, Red Hat Product Security rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45142"
},
{
"category": "external",
"summary": "RHBZ#2245180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45142",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45142"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45142",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45142"
},
{
"category": "external",
"summary": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr",
"url": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr"
}
],
"release_date": "2023-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-28T18:50:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7555"
},
{
"category": "workaround",
"details": "As a workaround to stop being affected otelhttp.WithFilter() can be used.\n\nFor convenience and safe usage of this library, it should by default mark with the label unknown non-standard HTTP methods and User agents to show that such requests were made but do not increase cardinality. In case someone wants to stay with the current behavior, library API should allow to enable it.\n\nThe other possibility is to disable HTTP metrics instrumentation by passing otelhttp.WithMeterProvider option with noop.NewMeterProvider.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:5b149e2f215085f5b969bde093fcac250682d48ccd2d1e671d55e945e02c5c24_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:474ed76e1544436e6708c029329f4cebc72efdcfb2e2df751c3cd917224a8e4a_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:71ae5ff534f4f67cf99dedc3c21b247a3e88749fad856249e7ad746518671667_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:27778b1cea8867d0e5a1dd400fa4e605161fbaf7fa1e9eeacd63522bfd1cf5d6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3059a1db6a7041bad8c656287d8fcafc478ac15656fe95d030e9bafa967e8d9a_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:063111faad5ce211e11c5eb2d61559d0b9a89178cdf86377e38599e7232d55d2_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a4995bf30e14bcc454a978199f4b6b9fbdcb5668dd80ebaa05cd8b4d64486856_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:24a009a20c555e5da425a4127ac944907db6a70e733bfd7d4009406430d2e615_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:a355c4029f781a38c9d0878fcfae79191751aafe63a88d0f7b00df66520fac6c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:be8c3101ff144d717007d7871457df69e1158c993c8b4fe5deac7294b939e3ee_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0e82ac7f8380539bbc82507e7ef55d9a97d79eaeb8c3c0ada81e6dddd29b19eb_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2a9f38ceaf22ef7d06a072b6a590a63ad7169f9e5936ca81236723cae5f679e5_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:857e46130a3b0be6d76d45531518e44e59d3a10cfe635fd602b1e28c1d9f5ee8_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:5d7cb76f4424c2208d9aee8368b960137d69d173caf88c1c5c63b1880374550b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8772fc1fb3f4597dc0e0c0de6986cd0954a61ae67830d01a1e3e7ecfef0fb22_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f950bddfb84693a35c98df847c1ccf486a4c480207f50b6836b0d0da1cce9e05_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:01918f08d522dcf429dfbdab99dfc0c57aa84a5073b084c5f83b6ab6dca805c3_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:bcc35ddbe11badbbf7fc900dbe53bd2ef3f51d867c5a64f59b7d43d1c5e801a6_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:befbf80f9941cb94914184c8459853b9575a795d39d827c40593de06a67bc6a0_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0a37b41f0311547a307509c968071bf6449e48c42e8cdf2544e4378ac7359903_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:61f301f44a2b26dd73897046cdd9e511eaee0f026092aeb8c2b0c57a4cf3fb59_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:a47a609eb3c1a6f881592a3c080a413541c4682d60993c33f944f690095e99c7_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e76d891b2cd11cbc1e7f033e3ec03e560759785d6cac10b07899413e4ebd4393_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:197a2a9ccf5939ffc38a2e81868ccddd908a79f713f72c06e56bcb34c7dd0ca7_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:492ce9081642ee43dd2de20b68f48c687bab9b23efcb6a77648f9a341687a818_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "opentelemetry: DoS vulnerability in otelhttp"
}
]
}
RHSA-2023:7587
Vulnerability from csaf_redhat - Published: 2023-11-29 18:13 - Updated: 2026-06-28 12:41Summary
Red Hat Security Advisory: Updated IBM Business Automation Manager Open Editions 8.0.4 SP1 Images
Severity
Important
Notes
Topic: An update is now available for IBM Business Automation Manager Open Editions including images for Red Hat OpenShift Container Platform.
Details: IBM Business Automation Manager Open Editions is an open source business process management suite that combines process management and decision service management. It enables business and IT users to create, manage, validate, and deploy process applications and decision services.
IBM Business Automation Manager Open Editions images have been provided for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) and for on-premise or private-cloud deployments.
This release updates the IBM Business Automation Manager Open Editions images to 8.0.4.
This release includes security fixes.
Security Fix(es):
* netty-codec-http2: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* undertow: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* Quarkus: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* EAP XP: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* EAP: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* businessautomation-operator: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.
For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8@sha256:db4267235a69729c0cdc7a8af7d84afeeea6b1cda81e2c9411d5307f11c45bde_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-businesscentral-monitoring-rhel8@sha256:72999c6bcd08c26d15813fa4a813749f1349cafeb7d155ecf262e6cbdf6a0b33_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-businesscentral-rhel8@sha256:bdb79faae81c9624759b0b7acb9825004e377ac5186fefa4be3393c21f41a869_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-dashbuilder-rhel8@sha256:f0efba2fc020c17063ade1ab8860c1f63a6bba74228587ad6c0582001249e6cc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:53a848ec0126dd74180697bd76d83f02151ce08dcb1ddda59a4b2ebdcae44047_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:b212e8d2ee392c732960889369d51c885f5eabd9f76a586189e75d8e54fa12ed_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:331ca81863339a0b8d52f127e860209ac3be2cf05fb4d26f3162eb3ee81f605c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:86854b56abee2f78540bd5c3dae1d874ed0281fb756d3d06faa17cb9386b55b8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:1f2f53c48f1d8e997b0a8ec314405ac90126e710cc2f25d4362c250499cc927b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:f883b2a9cfb1516222e86f3994a7560233f1b96ae25d0421922bfcfe6935fa16_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:1a3a50a1af4d78bc70a9c11a42f059bd372454ce84913c3b78021180ec4d0bdf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-operator-bundle@sha256:f4d8d5f8bde0fdd607b889da98e039610f306f45e05074435db0e00d4c62785e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:ibm-bamoe/bamoe-smartrouter-rhel8@sha256:90dae7252e3c285e1b1d318dd0831f851a7be4608b8f8b82384c7236049b6442_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for IBM Business Automation Manager Open Editions including images for Red Hat OpenShift Container Platform.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Business Automation Manager Open Editions is an open source business process management suite that combines process management and decision service management. It enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nIBM Business Automation Manager Open Editions images have been provided for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) and for on-premise or private-cloud deployments.\n\nThis release updates the IBM Business Automation Manager Open Editions images to 8.0.4.\n\nThis release includes security fixes.\n\nSecurity Fix(es):\n\n* netty-codec-http2: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* undertow: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* Quarkus: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* EAP XP: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* EAP: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* businessautomation-operator: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7587",
"url": "https://access.redhat.com/errata/RHSA-2023:7587"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHPAM-4816",
"url": "https://issues.redhat.com/browse/RHPAM-4816"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7587.json"
}
],
"title": "Red Hat Security Advisory: Updated IBM Business Automation Manager Open Editions 8.0.4 SP1 Images",
"tracking": {
"current_release_date": "2026-06-28T12:41:18+00:00",
"generator": {
"date": "2026-06-28T12:41:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.2.6"
}
},
"id": "RHSA-2023:7587",
"initial_release_date": "2023-11-29T18:13:51+00:00",
"revision_history": [
{
"date": "2023-11-29T18:13:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-29T18:13:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-28T12:41:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Middleware Containers for OpenShift",
"product": {
"name": "Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhosemc:1.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-businesscentral-monitoring-rhel8@sha256:72999c6bcd08c26d15813fa4a813749f1349cafeb7d155ecf262e6cbdf6a0b33_amd64",
"product": {
"name": "ibm-bamoe/bamoe-businesscentral-monitoring-rhel8@sha256:72999c6bcd08c26d15813fa4a813749f1349cafeb7d155ecf262e6cbdf6a0b33_amd64",
"product_id": "ibm-bamoe/bamoe-businesscentral-monitoring-rhel8@sha256:72999c6bcd08c26d15813fa4a813749f1349cafeb7d155ecf262e6cbdf6a0b33_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-businesscentral-monitoring-rhel8@sha256:72999c6bcd08c26d15813fa4a813749f1349cafeb7d155ecf262e6cbdf6a0b33?arch=amd64\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-businesscentral-monitoring-rhel8\u0026tag=8.0.4-4"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-businesscentral-rhel8@sha256:bdb79faae81c9624759b0b7acb9825004e377ac5186fefa4be3393c21f41a869_amd64",
"product": {
"name": "ibm-bamoe/bamoe-businesscentral-rhel8@sha256:bdb79faae81c9624759b0b7acb9825004e377ac5186fefa4be3393c21f41a869_amd64",
"product_id": "ibm-bamoe/bamoe-businesscentral-rhel8@sha256:bdb79faae81c9624759b0b7acb9825004e377ac5186fefa4be3393c21f41a869_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-businesscentral-rhel8@sha256:bdb79faae81c9624759b0b7acb9825004e377ac5186fefa4be3393c21f41a869?arch=amd64\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-businesscentral-rhel8\u0026tag=8.0.4-4"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9_amd64",
"product": {
"name": "ibm-bamoe/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9_amd64",
"product_id": "ibm-bamoe/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9?arch=amd64\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-controller-rhel8\u0026tag=8.0.4-4"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-dashbuilder-rhel8@sha256:f0efba2fc020c17063ade1ab8860c1f63a6bba74228587ad6c0582001249e6cc_amd64",
"product": {
"name": "ibm-bamoe/bamoe-dashbuilder-rhel8@sha256:f0efba2fc020c17063ade1ab8860c1f63a6bba74228587ad6c0582001249e6cc_amd64",
"product_id": "ibm-bamoe/bamoe-dashbuilder-rhel8@sha256:f0efba2fc020c17063ade1ab8860c1f63a6bba74228587ad6c0582001249e6cc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-dashbuilder-rhel8@sha256:f0efba2fc020c17063ade1ab8860c1f63a6bba74228587ad6c0582001249e6cc?arch=amd64\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-dashbuilder-rhel8\u0026tag=8.0.4-4"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64",
"product": {
"name": "ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64",
"product_id": "ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f?arch=amd64\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-kieserver-rhel8\u0026tag=8.0.4-4"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:b212e8d2ee392c732960889369d51c885f5eabd9f76a586189e75d8e54fa12ed_amd64",
"product": {
"name": "ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:b212e8d2ee392c732960889369d51c885f5eabd9f76a586189e75d8e54fa12ed_amd64",
"product_id": "ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:b212e8d2ee392c732960889369d51c885f5eabd9f76a586189e75d8e54fa12ed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-kogito-builder-rhel8@sha256:b212e8d2ee392c732960889369d51c885f5eabd9f76a586189e75d8e54fa12ed?arch=amd64\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-kogito-builder-rhel8\u0026tag=8.0.4-3"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:331ca81863339a0b8d52f127e860209ac3be2cf05fb4d26f3162eb3ee81f605c_amd64",
"product": {
"name": "ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:331ca81863339a0b8d52f127e860209ac3be2cf05fb4d26f3162eb3ee81f605c_amd64",
"product_id": "ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:331ca81863339a0b8d52f127e860209ac3be2cf05fb4d26f3162eb3ee81f605c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-kogito-rhel8-operator-bundle@sha256:331ca81863339a0b8d52f127e860209ac3be2cf05fb4d26f3162eb3ee81f605c?arch=amd64\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-kogito-rhel8-operator-bundle\u0026tag=8.0.4-3"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:f883b2a9cfb1516222e86f3994a7560233f1b96ae25d0421922bfcfe6935fa16_amd64",
"product": {
"name": "ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:f883b2a9cfb1516222e86f3994a7560233f1b96ae25d0421922bfcfe6935fa16_amd64",
"product_id": "ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:f883b2a9cfb1516222e86f3994a7560233f1b96ae25d0421922bfcfe6935fa16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-kogito-rhel8-operator@sha256:f883b2a9cfb1516222e86f3994a7560233f1b96ae25d0421922bfcfe6935fa16?arch=amd64\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-kogito-rhel8-operator\u0026tag=8.0.4-3"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64",
"product": {
"name": "ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64",
"product_id": "ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492?arch=amd64\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8\u0026tag=8.0.4-3"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8@sha256:db4267235a69729c0cdc7a8af7d84afeeea6b1cda81e2c9411d5307f11c45bde_amd64",
"product": {
"name": "ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8@sha256:db4267235a69729c0cdc7a8af7d84afeeea6b1cda81e2c9411d5307f11c45bde_amd64",
"product_id": "ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8@sha256:db4267235a69729c0cdc7a8af7d84afeeea6b1cda81e2c9411d5307f11c45bde_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-kogito-runtime-native-rhel8@sha256:db4267235a69729c0cdc7a8af7d84afeeea6b1cda81e2c9411d5307f11c45bde?arch=amd64\u0026repository_url=registry.redhat.io/ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8\u0026tag=8.0.4-3"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-operator-bundle@sha256:f4d8d5f8bde0fdd607b889da98e039610f306f45e05074435db0e00d4c62785e_amd64",
"product": {
"name": "ibm-bamoe/bamoe-operator-bundle@sha256:f4d8d5f8bde0fdd607b889da98e039610f306f45e05074435db0e00d4c62785e_amd64",
"product_id": "ibm-bamoe/bamoe-operator-bundle@sha256:f4d8d5f8bde0fdd607b889da98e039610f306f45e05074435db0e00d4c62785e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-operator-bundle@sha256:f4d8d5f8bde0fdd607b889da98e039610f306f45e05074435db0e00d4c62785e?arch=amd64\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-operator-bundle\u0026tag=8.0.4-6"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64",
"product": {
"name": "ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64",
"product_id": "ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664?arch=amd64\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-process-migration-rhel8\u0026tag=8.0.4-4"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64",
"product": {
"name": "ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64",
"product_id": "ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474?arch=amd64\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-rhel8-operator\u0026tag=8.0.4-4"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-smartrouter-rhel8@sha256:90dae7252e3c285e1b1d318dd0831f851a7be4608b8f8b82384c7236049b6442_amd64",
"product": {
"name": "ibm-bamoe/bamoe-smartrouter-rhel8@sha256:90dae7252e3c285e1b1d318dd0831f851a7be4608b8f8b82384c7236049b6442_amd64",
"product_id": "ibm-bamoe/bamoe-smartrouter-rhel8@sha256:90dae7252e3c285e1b1d318dd0831f851a7be4608b8f8b82384c7236049b6442_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-smartrouter-rhel8@sha256:90dae7252e3c285e1b1d318dd0831f851a7be4608b8f8b82384c7236049b6442?arch=amd64\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-smartrouter-rhel8\u0026tag=8.0.4-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:53a848ec0126dd74180697bd76d83f02151ce08dcb1ddda59a4b2ebdcae44047_ppc64le",
"product": {
"name": "ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:53a848ec0126dd74180697bd76d83f02151ce08dcb1ddda59a4b2ebdcae44047_ppc64le",
"product_id": "ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:53a848ec0126dd74180697bd76d83f02151ce08dcb1ddda59a4b2ebdcae44047_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-kogito-builder-rhel8@sha256:53a848ec0126dd74180697bd76d83f02151ce08dcb1ddda59a4b2ebdcae44047?arch=ppc64le\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-kogito-builder-rhel8\u0026tag=8.0.4-3"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:86854b56abee2f78540bd5c3dae1d874ed0281fb756d3d06faa17cb9386b55b8_ppc64le",
"product": {
"name": "ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:86854b56abee2f78540bd5c3dae1d874ed0281fb756d3d06faa17cb9386b55b8_ppc64le",
"product_id": "ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:86854b56abee2f78540bd5c3dae1d874ed0281fb756d3d06faa17cb9386b55b8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-kogito-rhel8-operator-bundle@sha256:86854b56abee2f78540bd5c3dae1d874ed0281fb756d3d06faa17cb9386b55b8?arch=ppc64le\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-kogito-rhel8-operator-bundle\u0026tag=8.0.4-3"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:1f2f53c48f1d8e997b0a8ec314405ac90126e710cc2f25d4362c250499cc927b_ppc64le",
"product": {
"name": "ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:1f2f53c48f1d8e997b0a8ec314405ac90126e710cc2f25d4362c250499cc927b_ppc64le",
"product_id": "ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:1f2f53c48f1d8e997b0a8ec314405ac90126e710cc2f25d4362c250499cc927b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-kogito-rhel8-operator@sha256:1f2f53c48f1d8e997b0a8ec314405ac90126e710cc2f25d4362c250499cc927b?arch=ppc64le\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-kogito-rhel8-operator\u0026tag=8.0.4-3"
}
}
},
{
"category": "product_version",
"name": "ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:1a3a50a1af4d78bc70a9c11a42f059bd372454ce84913c3b78021180ec4d0bdf_ppc64le",
"product": {
"name": "ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:1a3a50a1af4d78bc70a9c11a42f059bd372454ce84913c3b78021180ec4d0bdf_ppc64le",
"product_id": "ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:1a3a50a1af4d78bc70a9c11a42f059bd372454ce84913c3b78021180ec4d0bdf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/bamoe-kogito-runtime-jvm-rhel8@sha256:1a3a50a1af4d78bc70a9c11a42f059bd372454ce84913c3b78021180ec4d0bdf?arch=ppc64le\u0026repository_url=registry.redhat.io/ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8\u0026tag=8.0.4-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8@sha256:db4267235a69729c0cdc7a8af7d84afeeea6b1cda81e2c9411d5307f11c45bde_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8@sha256:db4267235a69729c0cdc7a8af7d84afeeea6b1cda81e2c9411d5307f11c45bde_amd64"
},
"product_reference": "ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8@sha256:db4267235a69729c0cdc7a8af7d84afeeea6b1cda81e2c9411d5307f11c45bde_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-businesscentral-monitoring-rhel8@sha256:72999c6bcd08c26d15813fa4a813749f1349cafeb7d155ecf262e6cbdf6a0b33_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-businesscentral-monitoring-rhel8@sha256:72999c6bcd08c26d15813fa4a813749f1349cafeb7d155ecf262e6cbdf6a0b33_amd64"
},
"product_reference": "ibm-bamoe/bamoe-businesscentral-monitoring-rhel8@sha256:72999c6bcd08c26d15813fa4a813749f1349cafeb7d155ecf262e6cbdf6a0b33_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-businesscentral-rhel8@sha256:bdb79faae81c9624759b0b7acb9825004e377ac5186fefa4be3393c21f41a869_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-businesscentral-rhel8@sha256:bdb79faae81c9624759b0b7acb9825004e377ac5186fefa4be3393c21f41a869_amd64"
},
"product_reference": "ibm-bamoe/bamoe-businesscentral-rhel8@sha256:bdb79faae81c9624759b0b7acb9825004e377ac5186fefa4be3393c21f41a869_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9_amd64"
},
"product_reference": "ibm-bamoe/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-dashbuilder-rhel8@sha256:f0efba2fc020c17063ade1ab8860c1f63a6bba74228587ad6c0582001249e6cc_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-dashbuilder-rhel8@sha256:f0efba2fc020c17063ade1ab8860c1f63a6bba74228587ad6c0582001249e6cc_amd64"
},
"product_reference": "ibm-bamoe/bamoe-dashbuilder-rhel8@sha256:f0efba2fc020c17063ade1ab8860c1f63a6bba74228587ad6c0582001249e6cc_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64"
},
"product_reference": "ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:53a848ec0126dd74180697bd76d83f02151ce08dcb1ddda59a4b2ebdcae44047_ppc64le as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:53a848ec0126dd74180697bd76d83f02151ce08dcb1ddda59a4b2ebdcae44047_ppc64le"
},
"product_reference": "ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:53a848ec0126dd74180697bd76d83f02151ce08dcb1ddda59a4b2ebdcae44047_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:b212e8d2ee392c732960889369d51c885f5eabd9f76a586189e75d8e54fa12ed_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:b212e8d2ee392c732960889369d51c885f5eabd9f76a586189e75d8e54fa12ed_amd64"
},
"product_reference": "ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:b212e8d2ee392c732960889369d51c885f5eabd9f76a586189e75d8e54fa12ed_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:331ca81863339a0b8d52f127e860209ac3be2cf05fb4d26f3162eb3ee81f605c_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:331ca81863339a0b8d52f127e860209ac3be2cf05fb4d26f3162eb3ee81f605c_amd64"
},
"product_reference": "ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:331ca81863339a0b8d52f127e860209ac3be2cf05fb4d26f3162eb3ee81f605c_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:86854b56abee2f78540bd5c3dae1d874ed0281fb756d3d06faa17cb9386b55b8_ppc64le as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:86854b56abee2f78540bd5c3dae1d874ed0281fb756d3d06faa17cb9386b55b8_ppc64le"
},
"product_reference": "ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:86854b56abee2f78540bd5c3dae1d874ed0281fb756d3d06faa17cb9386b55b8_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:1f2f53c48f1d8e997b0a8ec314405ac90126e710cc2f25d4362c250499cc927b_ppc64le as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:1f2f53c48f1d8e997b0a8ec314405ac90126e710cc2f25d4362c250499cc927b_ppc64le"
},
"product_reference": "ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:1f2f53c48f1d8e997b0a8ec314405ac90126e710cc2f25d4362c250499cc927b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:f883b2a9cfb1516222e86f3994a7560233f1b96ae25d0421922bfcfe6935fa16_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:f883b2a9cfb1516222e86f3994a7560233f1b96ae25d0421922bfcfe6935fa16_amd64"
},
"product_reference": "ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:f883b2a9cfb1516222e86f3994a7560233f1b96ae25d0421922bfcfe6935fa16_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:1a3a50a1af4d78bc70a9c11a42f059bd372454ce84913c3b78021180ec4d0bdf_ppc64le as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:1a3a50a1af4d78bc70a9c11a42f059bd372454ce84913c3b78021180ec4d0bdf_ppc64le"
},
"product_reference": "ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:1a3a50a1af4d78bc70a9c11a42f059bd372454ce84913c3b78021180ec4d0bdf_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64"
},
"product_reference": "ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-operator-bundle@sha256:f4d8d5f8bde0fdd607b889da98e039610f306f45e05074435db0e00d4c62785e_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-operator-bundle@sha256:f4d8d5f8bde0fdd607b889da98e039610f306f45e05074435db0e00d4c62785e_amd64"
},
"product_reference": "ibm-bamoe/bamoe-operator-bundle@sha256:f4d8d5f8bde0fdd607b889da98e039610f306f45e05074435db0e00d4c62785e_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64"
},
"product_reference": "ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64"
},
"product_reference": "ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ibm-bamoe/bamoe-smartrouter-rhel8@sha256:90dae7252e3c285e1b1d318dd0831f851a7be4608b8f8b82384c7236049b6442_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:ibm-bamoe/bamoe-smartrouter-rhel8@sha256:90dae7252e3c285e1b1d318dd0831f851a7be4608b8f8b82384c7236049b6442_amd64"
},
"product_reference": "ibm-bamoe/bamoe-smartrouter-rhel8@sha256:90dae7252e3c285e1b1d318dd0831f851a7be4608b8f8b82384c7236049b6442_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8@sha256:db4267235a69729c0cdc7a8af7d84afeeea6b1cda81e2c9411d5307f11c45bde_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-businesscentral-monitoring-rhel8@sha256:72999c6bcd08c26d15813fa4a813749f1349cafeb7d155ecf262e6cbdf6a0b33_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-businesscentral-rhel8@sha256:bdb79faae81c9624759b0b7acb9825004e377ac5186fefa4be3393c21f41a869_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-dashbuilder-rhel8@sha256:f0efba2fc020c17063ade1ab8860c1f63a6bba74228587ad6c0582001249e6cc_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:53a848ec0126dd74180697bd76d83f02151ce08dcb1ddda59a4b2ebdcae44047_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:b212e8d2ee392c732960889369d51c885f5eabd9f76a586189e75d8e54fa12ed_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:331ca81863339a0b8d52f127e860209ac3be2cf05fb4d26f3162eb3ee81f605c_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:86854b56abee2f78540bd5c3dae1d874ed0281fb756d3d06faa17cb9386b55b8_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:1f2f53c48f1d8e997b0a8ec314405ac90126e710cc2f25d4362c250499cc927b_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:f883b2a9cfb1516222e86f3994a7560233f1b96ae25d0421922bfcfe6935fa16_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:1a3a50a1af4d78bc70a9c11a42f059bd372454ce84913c3b78021180ec4d0bdf_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-operator-bundle@sha256:f4d8d5f8bde0fdd607b889da98e039610f306f45e05074435db0e00d4c62785e_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-smartrouter-rhel8@sha256:90dae7252e3c285e1b1d318dd0831f851a7be4608b8f8b82384c7236049b6442_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-29T18:13:51+00:00",
"details": "Updated IBM Business Automation Manager Open Editions 8.0.4 OpenShift images can be found in the Red Hat Container Catalog.",
"product_ids": [
"8Base-RHOSE-Middleware:ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8@sha256:db4267235a69729c0cdc7a8af7d84afeeea6b1cda81e2c9411d5307f11c45bde_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-businesscentral-monitoring-rhel8@sha256:72999c6bcd08c26d15813fa4a813749f1349cafeb7d155ecf262e6cbdf6a0b33_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-businesscentral-rhel8@sha256:bdb79faae81c9624759b0b7acb9825004e377ac5186fefa4be3393c21f41a869_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-dashbuilder-rhel8@sha256:f0efba2fc020c17063ade1ab8860c1f63a6bba74228587ad6c0582001249e6cc_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:53a848ec0126dd74180697bd76d83f02151ce08dcb1ddda59a4b2ebdcae44047_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:b212e8d2ee392c732960889369d51c885f5eabd9f76a586189e75d8e54fa12ed_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:331ca81863339a0b8d52f127e860209ac3be2cf05fb4d26f3162eb3ee81f605c_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:86854b56abee2f78540bd5c3dae1d874ed0281fb756d3d06faa17cb9386b55b8_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:1f2f53c48f1d8e997b0a8ec314405ac90126e710cc2f25d4362c250499cc927b_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:f883b2a9cfb1516222e86f3994a7560233f1b96ae25d0421922bfcfe6935fa16_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:1a3a50a1af4d78bc70a9c11a42f059bd372454ce84913c3b78021180ec4d0bdf_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-operator-bundle@sha256:f4d8d5f8bde0fdd607b889da98e039610f306f45e05074435db0e00d4c62785e_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-smartrouter-rhel8@sha256:90dae7252e3c285e1b1d318dd0831f851a7be4608b8f8b82384c7236049b6442_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7587"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSE-Middleware:ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8@sha256:db4267235a69729c0cdc7a8af7d84afeeea6b1cda81e2c9411d5307f11c45bde_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-businesscentral-monitoring-rhel8@sha256:72999c6bcd08c26d15813fa4a813749f1349cafeb7d155ecf262e6cbdf6a0b33_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-businesscentral-rhel8@sha256:bdb79faae81c9624759b0b7acb9825004e377ac5186fefa4be3393c21f41a869_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-dashbuilder-rhel8@sha256:f0efba2fc020c17063ade1ab8860c1f63a6bba74228587ad6c0582001249e6cc_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:53a848ec0126dd74180697bd76d83f02151ce08dcb1ddda59a4b2ebdcae44047_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:b212e8d2ee392c732960889369d51c885f5eabd9f76a586189e75d8e54fa12ed_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:331ca81863339a0b8d52f127e860209ac3be2cf05fb4d26f3162eb3ee81f605c_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:86854b56abee2f78540bd5c3dae1d874ed0281fb756d3d06faa17cb9386b55b8_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:1f2f53c48f1d8e997b0a8ec314405ac90126e710cc2f25d4362c250499cc927b_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:f883b2a9cfb1516222e86f3994a7560233f1b96ae25d0421922bfcfe6935fa16_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:1a3a50a1af4d78bc70a9c11a42f059bd372454ce84913c3b78021180ec4d0bdf_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-operator-bundle@sha256:f4d8d5f8bde0fdd607b889da98e039610f306f45e05074435db0e00d4c62785e_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-smartrouter-rhel8@sha256:90dae7252e3c285e1b1d318dd0831f851a7be4608b8f8b82384c7236049b6442_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8@sha256:db4267235a69729c0cdc7a8af7d84afeeea6b1cda81e2c9411d5307f11c45bde_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-businesscentral-monitoring-rhel8@sha256:72999c6bcd08c26d15813fa4a813749f1349cafeb7d155ecf262e6cbdf6a0b33_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-businesscentral-rhel8@sha256:bdb79faae81c9624759b0b7acb9825004e377ac5186fefa4be3393c21f41a869_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-dashbuilder-rhel8@sha256:f0efba2fc020c17063ade1ab8860c1f63a6bba74228587ad6c0582001249e6cc_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:53a848ec0126dd74180697bd76d83f02151ce08dcb1ddda59a4b2ebdcae44047_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:b212e8d2ee392c732960889369d51c885f5eabd9f76a586189e75d8e54fa12ed_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:331ca81863339a0b8d52f127e860209ac3be2cf05fb4d26f3162eb3ee81f605c_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:86854b56abee2f78540bd5c3dae1d874ed0281fb756d3d06faa17cb9386b55b8_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:1f2f53c48f1d8e997b0a8ec314405ac90126e710cc2f25d4362c250499cc927b_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:f883b2a9cfb1516222e86f3994a7560233f1b96ae25d0421922bfcfe6935fa16_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:1a3a50a1af4d78bc70a9c11a42f059bd372454ce84913c3b78021180ec4d0bdf_ppc64le",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-operator-bundle@sha256:f4d8d5f8bde0fdd607b889da98e039610f306f45e05074435db0e00d4c62785e_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64",
"8Base-RHOSE-Middleware:ibm-bamoe/bamoe-smartrouter-rhel8@sha256:90dae7252e3c285e1b1d318dd0831f851a7be4608b8f8b82384c7236049b6442_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:7610
Vulnerability from csaf_redhat - Published: 2023-12-06 18:17 - Updated: 2026-06-28 12:09Summary
Red Hat Security Advisory: OpenShift Container Platform 4.12.45 packages and security update
Severity
Important
Notes
Topic: Red Hat OpenShift Container Platform release 4.12.45 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.12.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.45. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2023:7608
Security Fix(es):
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* python-werkzeug: high resource consumption leading to denial of service (CVE-2023-46136)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
156 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.82.1.el8_6.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.12:python-werkzeug-0:2.0.3-5.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.12:python3-werkzeug-0:2.0.3-5.el9.noarch | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
A resource consumption flaw was found in python-werkzeug. If a specially crafted file is uploaded by a remote attacker, it may cause a denial of service.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
167 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.82.1.el8_6.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src | — | ||
| Unresolved product id: 9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le | — | ||
| Unresolved product id: 9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x | — | ||
| Unresolved product id: 9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src | — | ||
| Unresolved product id: 9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le | — | ||
| Unresolved product id: 9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x | — | ||
| Unresolved product id: 9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64 | — |
Threats
Impact
Moderate
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.12.45 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.12.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.45. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2023:7608\n\nSecurity Fix(es):\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* python-werkzeug: high resource consumption leading to denial of service (CVE-2023-46136)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7610",
"url": "https://access.redhat.com/errata/RHSA-2023:7610"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "2246310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246310"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7610.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.12.45 packages and security update",
"tracking": {
"current_release_date": "2026-06-28T12:09:11+00:00",
"generator": {
"date": "2026-06-28T12:09:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.2.6"
}
},
"id": "RHSA-2023:7610",
"initial_release_date": "2023-12-06T18:17:51+00:00",
"revision_history": [
{
"date": "2023-12-06T18:17:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-12-06T18:17:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-28T12:09:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.12::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.12::el8"
}
}
},
{
"category": "product_name",
"name": "Ironic content for Red Hat OpenShift Container Platform 4.12",
"product": {
"name": "Ironic content for Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-IRONIC-4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_ironic:4.12::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src",
"product": {
"name": "openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src",
"product_id": "openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src",
"product": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src",
"product_id": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src",
"product": {
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src",
"product_id": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.25.5-2.rhaos4.12.git0217273.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src",
"product": {
"name": "openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src",
"product_id": "openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src",
"product": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src",
"product_id": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.82.1.el8_6.src",
"product": {
"name": "kernel-0:4.18.0-372.82.1.el8_6.src",
"product_id": "kernel-0:4.18.0-372.82.1.el8_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.82.1.el8_6?arch=src"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src",
"product": {
"name": "kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src",
"product_id": "kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-372.82.1.rt7.241.el8_6?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-werkzeug-0:2.0.3-5.el9.src",
"product": {
"name": "python-werkzeug-0:2.0.3-5.el9.src",
"product_id": "python-werkzeug-0:2.0.3-5.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-werkzeug@2.0.3-5.el9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64",
"product_id": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"product": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"product_id": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"product_id": "openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"product": {
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"product_id": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.25.5-2.rhaos4.12.git0217273.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"product": {
"name": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"product_id": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.25.5-2.rhaos4.12.git0217273.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"product_id": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.25.5-2.rhaos4.12.git0217273.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64",
"product_id": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"product_id": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"product_id": "openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "bpftool-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "bpftool-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-core-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-core-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-ipaclones-internal@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "perf-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "perf-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "python3-perf-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "python3-perf-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product_id": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-372.82.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-internal@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-internal@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-selftests-internal@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-372.82.1.rt7.241.el8_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64",
"product": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64",
"product_id": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64",
"product": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64",
"product_id": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"product": {
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"product_id": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.25.5-2.rhaos4.12.git0217273.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"product": {
"name": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"product_id": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.25.5-2.rhaos4.12.git0217273.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"product": {
"name": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"product_id": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.25.5-2.rhaos4.12.git0217273.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64",
"product": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64",
"product_id": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64",
"product": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64",
"product_id": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "bpftool-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "bpftool-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-core-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-core-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "perf-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "perf-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "python3-perf-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "python3-perf-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-aarch64@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product_id": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-372.82.1.el8_6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le",
"product": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le",
"product_id": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le",
"product": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le",
"product_id": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"product": {
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"product_id": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.25.5-2.rhaos4.12.git0217273.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"product": {
"name": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"product_id": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.25.5-2.rhaos4.12.git0217273.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"product": {
"name": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"product_id": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.25.5-2.rhaos4.12.git0217273.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le",
"product": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le",
"product_id": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le",
"product": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le",
"product_id": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "bpftool-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "bpftool-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-ipaclones-internal@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_id": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-372.82.1.el8_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x",
"product": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x",
"product_id": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x",
"product": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x",
"product_id": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"product": {
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"product_id": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.25.5-2.rhaos4.12.git0217273.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"product": {
"name": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"product_id": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.25.5-2.rhaos4.12.git0217273.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"product": {
"name": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"product_id": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.25.5-2.rhaos4.12.git0217273.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x",
"product": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x",
"product_id": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x",
"product": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x",
"product_id": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "bpftool-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "bpftool-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-core-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-core-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-debug-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-debug-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-devel-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-devel-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-modules-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-modules-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-tools-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-tools-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-core@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-devel@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-extra@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-internal@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "perf-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "perf-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "python3-perf-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "python3-perf-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-s390x@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-debuginfo@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product_id": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-372.82.1.el8_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-doc-0:4.18.0-372.82.1.el8_6.noarch",
"product": {
"name": "kernel-doc-0:4.18.0-372.82.1.el8_6.noarch",
"product_id": "kernel-doc-0:4.18.0-372.82.1.el8_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@4.18.0-372.82.1.el8_6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-werkzeug-0:2.0.3-5.el9.noarch",
"product": {
"name": "python3-werkzeug-0:2.0.3-5.el9.noarch",
"product_id": "python3-werkzeug-0:2.0.3-5.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-werkzeug@2.0.3-5.el9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "bpftool-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "bpftool-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "bpftool-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "bpftool-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64"
},
"product_reference": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le"
},
"product_reference": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x"
},
"product_reference": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src"
},
"product_reference": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64"
},
"product_reference": "cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64"
},
"product_reference": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le"
},
"product_reference": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x"
},
"product_reference": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64"
},
"product_reference": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le"
},
"product_reference": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x"
},
"product_reference": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64"
},
"product_reference": "cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.82.1.el8_6.src as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.src"
},
"product_reference": "kernel-0:4.18.0-372.82.1.el8_6.src",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-core-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-core-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-core-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-debug-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-devel-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.18.0-372.82.1.el8_6.noarch as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.82.1.el8_6.noarch"
},
"product_reference": "kernel-doc-0:4.18.0-372.82.1.el8_6.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-modules-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src"
},
"product_reference": "kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64"
},
"product_reference": "kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-tools-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src"
},
"product_reference": "openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64"
},
"product_reference": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le"
},
"product_reference": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x"
},
"product_reference": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src"
},
"product_reference": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64"
},
"product_reference": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le"
},
"product_reference": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x"
},
"product_reference": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "perf-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "perf-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "perf-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "python3-perf-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "python3-perf-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "python3-perf-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src"
},
"product_reference": "openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64"
},
"product_reference": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le"
},
"product_reference": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x"
},
"product_reference": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src"
},
"product_reference": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64"
},
"product_reference": "openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64"
},
"product_reference": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le"
},
"product_reference": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x"
},
"product_reference": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-werkzeug-0:2.0.3-5.el9.src as a component of Ironic content for Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-IRONIC-4.12:python-werkzeug-0:2.0.3-5.el9.src"
},
"product_reference": "python-werkzeug-0:2.0.3-5.el9.src",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-werkzeug-0:2.0.3-5.el9.noarch as a component of Ironic content for Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-IRONIC-4.12:python3-werkzeug-0:2.0.3-5.el9.noarch"
},
"product_reference": "python3-werkzeug-0:2.0.3-5.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.82.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src",
"8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"9Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64",
"9Base-RHOSE-IRONIC-4.12:python-werkzeug-0:2.0.3-5.el9.src",
"9Base-RHOSE-IRONIC-4.12:python3-werkzeug-0:2.0.3-5.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.82.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src",
"8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"9Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64",
"9Base-RHOSE-IRONIC-4.12:python-werkzeug-0:2.0.3-5.el9.src",
"9Base-RHOSE-IRONIC-4.12:python3-werkzeug-0:2.0.3-5.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-06T18:17:51+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.12/release_notes/ocp-4-12-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7610"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.82.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src",
"8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"9Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64",
"9Base-RHOSE-IRONIC-4.12:python-werkzeug-0:2.0.3-5.el9.src",
"9Base-RHOSE-IRONIC-4.12:python3-werkzeug-0:2.0.3-5.el9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.82.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src",
"8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"9Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64",
"9Base-RHOSE-IRONIC-4.12:python-werkzeug-0:2.0.3-5.el9.src",
"9Base-RHOSE-IRONIC-4.12:python3-werkzeug-0:2.0.3-5.el9.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
},
{
"cve": "CVE-2023-46136",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"discovery_date": "2023-10-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.82.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src",
"8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"9Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2246310"
}
],
"notes": [
{
"category": "description",
"text": "A resource consumption flaw was found in python-werkzeug. If a specially crafted file is uploaded by a remote attacker, it may cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-werkzeug: high resource consumption leading to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability found in python-werkzeug, which lets attackers carry out denial of service attacks by using carefully crafted multipart data, is considered a moderate issue because it could affect system resources and availability. When this vulnerability is exploited, it can cause the CPU to work excessively hard because the parsing mechanism keeps adding data chunks to an internal buffer without checking boundaries properly. This can result in legitimate requests being delayed or denied as worker processes get overloaded, affecting how well the web application performs and responds. While this problem doesn\u2019t directly compromise data integrity or confidentiality, exploiting it can disrupt the availability of the service, which is why it\u2019s seen as a moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-IRONIC-4.12:python-werkzeug-0:2.0.3-5.el9.src",
"9Base-RHOSE-IRONIC-4.12:python3-werkzeug-0:2.0.3-5.el9.noarch"
],
"known_not_affected": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.82.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src",
"8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"9Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-46136"
},
{
"category": "external",
"summary": "RHBZ#2246310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-46136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-46136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46136"
},
{
"category": "external",
"summary": "https://github.com/pallets/werkzeug/commit/f3c803b3ade485a45f12b6d6617595350c0f03e2",
"url": "https://github.com/pallets/werkzeug/commit/f3c803b3ade485a45f12b6d6617595350c0f03e2"
},
{
"category": "external",
"summary": "https://github.com/pallets/werkzeug/security/advisories/GHSA-hrfv-mqp8-q5rw",
"url": "https://github.com/pallets/werkzeug/security/advisories/GHSA-hrfv-mqp8-q5rw"
}
],
"release_date": "2023-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-06T18:17:51+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.12/release_notes/ocp-4-12-release-notes.html",
"product_ids": [
"9Base-RHOSE-IRONIC-4.12:python-werkzeug-0:2.0.3-5.el9.src",
"9Base-RHOSE-IRONIC-4.12:python3-werkzeug-0:2.0.3-5.el9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7610"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.src",
"8Base-RHOSE-4.12:cri-o-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-debuginfo-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.aarch64",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.ppc64le",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.s390x",
"8Base-RHOSE-4.12:cri-o-debugsource-0:1.25.5-2.rhaos4.12.git0217273.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.82.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.src",
"8Base-RHOSE-4.12:kernel-rt-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-core-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debug-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debuginfo-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-devel-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-kvm-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-extra-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-modules-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-rt-selftests-internal-0:4.18.0-372.82.1.rt7.241.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.src",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.s390x",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.src",
"8Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.s390x",
"8Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.82.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.82.1.el8_6.x86_64",
"9Base-RHOSE-4.12:openshift-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.src",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.s390x",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.src",
"9Base-RHOSE-4.12:openshift-clients-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.12:openshift-clients-redistributable-0:4.12.0-202311221849.p0.gd2ac7e1.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.s390x",
"9Base-RHOSE-4.12:openshift-hyperkube-0:4.12.0-202311161331.p0.ga52e8df.assembly.stream.el9.x86_64",
"9Base-RHOSE-IRONIC-4.12:python-werkzeug-0:2.0.3-5.el9.src",
"9Base-RHOSE-IRONIC-4.12:python3-werkzeug-0:2.0.3-5.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-werkzeug: high resource consumption leading to denial of service"
}
]
}
RHSA-2023:7637
Vulnerability from csaf_redhat - Published: 2023-12-04 18:01 - Updated: 2026-06-28 12:41Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 7 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.13, and includes bug fixes and enhancements.
See the Red Hat JBoss Enterprise Application Platform 7.4.14 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK (CVE-2023-39410)
* guava: insecure temporary directory creation (CVE-2023-2976)
* eap-galleon: custom provisioning creates unsecured http-invoker (CVE-2023-4503)
* jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter() (CVE-2023-26048)
* jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)
* sshd-common: apache-mina-sshd: information exposure in SFTP server implementations (CVE-2023-35887)
A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.
4.4 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
77 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src | — |
Workaround
|
Threats
Impact
Moderate
An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.
6.8 (Medium)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
Known not affected
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src | — |
Threats
Impact
Moderate
A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).
7.5 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
78 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the jetty-server package. A servlet with multipart support could get an OutOfMemorryError when the client sends a part that has a name but no filename and substantial content. This flaw allows a malicious user to jeopardize the environment by leaving the JVM in an unreliable state.
5.3 (Medium)
Affected products
Fixed
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.
5.3 (Medium)
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
Known not affected
70 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src | — |
Threats
Impact
Moderate
A flaw was found in Apache Mina SSHD that could be exploited on certain SFTP servers implemented using the Apache Mina RootedFileSystem. This issue could permit authenticated users to view information outside of their permissions scope.
4.3 (Medium)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
Known not affected
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src | — |
Threats
Impact
Moderate
A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
78 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src | — |
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch | — |
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
77 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.13, and includes bug fixes and enhancements.\n\nSee the Red Hat JBoss Enterprise Application Platform 7.4.14 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK (CVE-2023-39410)\n\n* guava: insecure temporary directory creation (CVE-2023-2976)\n\n* eap-galleon: custom provisioning creates unsecured http-invoker (CVE-2023-4503)\n\n* jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter() (CVE-2023-26048)\n\n* jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)\n\n* sshd-common: apache-mina-sshd: information exposure in SFTP server implementations (CVE-2023-35887)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7637",
"url": "https://access.redhat.com/errata/RHSA-2023:7637"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2184751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184751"
},
{
"category": "external",
"summary": "2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "2236340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236340"
},
{
"category": "external",
"summary": "2236341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341"
},
{
"category": "external",
"summary": "2240036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240036"
},
{
"category": "external",
"summary": "2242521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242521"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "JBEAP-25004",
"url": "https://issues.redhat.com/browse/JBEAP-25004"
},
{
"category": "external",
"summary": "JBEAP-25085",
"url": "https://issues.redhat.com/browse/JBEAP-25085"
},
{
"category": "external",
"summary": "JBEAP-25086",
"url": "https://issues.redhat.com/browse/JBEAP-25086"
},
{
"category": "external",
"summary": "JBEAP-25378",
"url": "https://issues.redhat.com/browse/JBEAP-25378"
},
{
"category": "external",
"summary": "JBEAP-25380",
"url": "https://issues.redhat.com/browse/JBEAP-25380"
},
{
"category": "external",
"summary": "JBEAP-25419",
"url": "https://issues.redhat.com/browse/JBEAP-25419"
},
{
"category": "external",
"summary": "JBEAP-25451",
"url": "https://issues.redhat.com/browse/JBEAP-25451"
},
{
"category": "external",
"summary": "JBEAP-25457",
"url": "https://issues.redhat.com/browse/JBEAP-25457"
},
{
"category": "external",
"summary": "JBEAP-25541",
"url": "https://issues.redhat.com/browse/JBEAP-25541"
},
{
"category": "external",
"summary": "JBEAP-25547",
"url": "https://issues.redhat.com/browse/JBEAP-25547"
},
{
"category": "external",
"summary": "JBEAP-25576",
"url": "https://issues.redhat.com/browse/JBEAP-25576"
},
{
"category": "external",
"summary": "JBEAP-25594",
"url": "https://issues.redhat.com/browse/JBEAP-25594"
},
{
"category": "external",
"summary": "JBEAP-25627",
"url": "https://issues.redhat.com/browse/JBEAP-25627"
},
{
"category": "external",
"summary": "JBEAP-25657",
"url": "https://issues.redhat.com/browse/JBEAP-25657"
},
{
"category": "external",
"summary": "JBEAP-25685",
"url": "https://issues.redhat.com/browse/JBEAP-25685"
},
{
"category": "external",
"summary": "JBEAP-25700",
"url": "https://issues.redhat.com/browse/JBEAP-25700"
},
{
"category": "external",
"summary": "JBEAP-25716",
"url": "https://issues.redhat.com/browse/JBEAP-25716"
},
{
"category": "external",
"summary": "JBEAP-25726",
"url": "https://issues.redhat.com/browse/JBEAP-25726"
},
{
"category": "external",
"summary": "JBEAP-25772",
"url": "https://issues.redhat.com/browse/JBEAP-25772"
},
{
"category": "external",
"summary": "JBEAP-25779",
"url": "https://issues.redhat.com/browse/JBEAP-25779"
},
{
"category": "external",
"summary": "JBEAP-25803",
"url": "https://issues.redhat.com/browse/JBEAP-25803"
},
{
"category": "external",
"summary": "JBEAP-25838",
"url": "https://issues.redhat.com/browse/JBEAP-25838"
},
{
"category": "external",
"summary": "JBEAP-26041",
"url": "https://issues.redhat.com/browse/JBEAP-26041"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7637.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 7 security update",
"tracking": {
"current_release_date": "2026-06-28T12:41:19+00:00",
"generator": {
"date": "2026-06-28T12:41:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.2.6"
}
},
"id": "RHSA-2023:7637",
"initial_release_date": "2023-12-04T18:01:18+00:00",
"revision_history": [
{
"date": "2023-12-04T18:01:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-12-04T18:01:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-28T12:41:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jandex@2.4.4-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-avro@1.11.3-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src",
"product_id": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.11-4.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.16-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.20-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.11-1.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.14-1.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.18-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.9-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups@4.2.23-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.32-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.3-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.1-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.28-1.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-17.redhat_00051.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"product_id": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@32.1.1-2.jre_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.1.10-2.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-33.Final_redhat_00032.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.14-5.GA_redhat_00002.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jandex@2.4.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-avro@1.11.3-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.11-4.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.20-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.11-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.14-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.14-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@11.0.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@11.0.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@11.0.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@11.0.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-component-annotations@11.0.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@11.0.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@11.0.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@11.0.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@11.0.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups@4.2.23-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.32-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.32-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.32-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.32-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.32-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.3-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.28-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-17.redhat_00051.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava@32.1.1-2.jre_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@32.1.1-2.jre_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.1.10-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.1.10-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.1.10-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-ejb@3.1.10-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-jta@3.1.10-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.1.10-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-web@3.1.10-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-33.Final_redhat_00032.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-33.Final_redhat_00032.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-33.Final_redhat_00032.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.14-5.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.14-5.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.14-5.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.14-5.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.14-5.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2976",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2023-06-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215229"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: insecure temporary directory creation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2976"
},
{
"category": "external",
"summary": "RHBZ#2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
}
],
"release_date": "2023-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:01:18+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7637"
},
{
"category": "workaround",
"details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "guava: insecure temporary directory creation"
},
{
"cve": "CVE-2023-4503",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2022-11-22T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184751"
}
],
"notes": [
{
"category": "description",
"text": "An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "eap-galleon: custom provisioning creates unsecured http-invoker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4503"
},
{
"category": "external",
"summary": "RHBZ#2184751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4503",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4503"
}
],
"release_date": "2023-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:01:18+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "eap-galleon: custom provisioning creates unsecured http-invoker"
},
{
"cve": "CVE-2023-5685",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2241822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xnio: StackOverflowException when the chain of notifier states becomes problematically big",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this vulnerability as an Important impact as the uncontrolled resource consumption may lead to Denial of Service (DoS). This might be intentioned by an attacker who is looking to jeopardize an environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5685"
},
{
"category": "external",
"summary": "RHBZ#2241822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5685",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5685"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:01:18+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7637"
},
{
"category": "workaround",
"details": "There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xnio: StackOverflowException when the chain of notifier states becomes problematically big"
},
{
"cve": "CVE-2023-26048",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-08-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jetty-server package. A servlet with multipart support could get an OutOfMemorryError when the client sends a part that has a name but no filename and substantial content. This flaw allows a malicious user to jeopardize the environment by leaving the JVM in an unreliable state.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26048"
},
{
"category": "external",
"summary": "RHBZ#2236340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26048",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26048"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26048",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26048"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8"
}
],
"release_date": "2023-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:01:18+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()"
},
{
"cve": "CVE-2023-26049",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2023-08-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236341"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26049"
},
{
"category": "external",
"summary": "RHBZ#2236341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c"
}
],
"release_date": "2023-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:01:18+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies"
},
{
"cve": "CVE-2023-35887",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2023-09-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2240036"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Mina SSHD that could be exploited on certain SFTP servers implemented using the Apache Mina RootedFileSystem. This issue could permit authenticated users to view information outside of their permissions scope.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-mina-sshd: information exposure in SFTP server implementations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-35887"
},
{
"category": "external",
"summary": "RHBZ#2240036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240036"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-35887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35887"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35887",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35887"
}
],
"release_date": "2023-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:01:18+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-mina-sshd: information exposure in SFTP server implementations"
},
{
"cve": "CVE-2023-39410",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-10-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242521"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39410"
},
{
"category": "external",
"summary": "RHBZ#2242521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242521"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39410",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39410"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/AVRO-3819",
"url": "https://issues.apache.org/jira/browse/AVRO-3819"
}
],
"release_date": "2023-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:01:18+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:01:18+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7637"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el7eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:7638
Vulnerability from csaf_redhat - Published: 2023-12-04 18:02 - Updated: 2026-06-28 12:20Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 8 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.13, and includes bug fixes and enhancements.
See the Red Hat JBoss Enterprise Application Platform 7.4.14 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK (CVE-2023-39410)
* guava: insecure temporary directory creation (CVE-2023-2976)
* eap-galleon: custom provisioning creates unsecured http-invoker (CVE-2023-4503)
* jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter() (CVE-2023-26048)
* jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)
* sshd-common: apache-mina-sshd: information exposure in SFTP server implementations (CVE-2023-35887)
A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.
4.4 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
78 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src | — |
Workaround
|
Threats
Impact
Moderate
An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.
6.8 (Medium)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
Known not affected
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src | — |
Threats
Impact
Moderate
A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).
7.5 (High)
Affected products
Fixed
2 products
Known not affected
79 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the jetty-server package. A servlet with multipart support could get an OutOfMemorryError when the client sends a part that has a name but no filename and substantial content. This flaw allows a malicious user to jeopardize the environment by leaving the JVM in an unreliable state.
5.3 (Medium)
Affected products
Fixed
81 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.
5.3 (Medium)
Affected products
Fixed
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
Known not affected
70 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src | — |
Threats
Impact
Moderate
A flaw was found in Apache Mina SSHD that could be exploited on certain SFTP servers implemented using the Apache Mina RootedFileSystem. This issue could permit authenticated users to view information outside of their permissions scope.
4.3 (Medium)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
Known not affected
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src | — |
Threats
Impact
Moderate
A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
79 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src | — |
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
77 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.13, and includes bug fixes and enhancements.\n\nSee the Red Hat JBoss Enterprise Application Platform 7.4.14 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK (CVE-2023-39410)\n\n* guava: insecure temporary directory creation (CVE-2023-2976)\n\n* eap-galleon: custom provisioning creates unsecured http-invoker (CVE-2023-4503)\n\n* jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter() (CVE-2023-26048)\n\n* jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)\n\n* sshd-common: apache-mina-sshd: information exposure in SFTP server implementations (CVE-2023-35887)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7638",
"url": "https://access.redhat.com/errata/RHSA-2023:7638"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2184751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184751"
},
{
"category": "external",
"summary": "2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "2236340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236340"
},
{
"category": "external",
"summary": "2236341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341"
},
{
"category": "external",
"summary": "2240036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240036"
},
{
"category": "external",
"summary": "2242521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242521"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "JBEAP-25004",
"url": "https://issues.redhat.com/browse/JBEAP-25004"
},
{
"category": "external",
"summary": "JBEAP-25085",
"url": "https://issues.redhat.com/browse/JBEAP-25085"
},
{
"category": "external",
"summary": "JBEAP-25086",
"url": "https://issues.redhat.com/browse/JBEAP-25086"
},
{
"category": "external",
"summary": "JBEAP-25378",
"url": "https://issues.redhat.com/browse/JBEAP-25378"
},
{
"category": "external",
"summary": "JBEAP-25380",
"url": "https://issues.redhat.com/browse/JBEAP-25380"
},
{
"category": "external",
"summary": "JBEAP-25419",
"url": "https://issues.redhat.com/browse/JBEAP-25419"
},
{
"category": "external",
"summary": "JBEAP-25451",
"url": "https://issues.redhat.com/browse/JBEAP-25451"
},
{
"category": "external",
"summary": "JBEAP-25457",
"url": "https://issues.redhat.com/browse/JBEAP-25457"
},
{
"category": "external",
"summary": "JBEAP-25541",
"url": "https://issues.redhat.com/browse/JBEAP-25541"
},
{
"category": "external",
"summary": "JBEAP-25547",
"url": "https://issues.redhat.com/browse/JBEAP-25547"
},
{
"category": "external",
"summary": "JBEAP-25576",
"url": "https://issues.redhat.com/browse/JBEAP-25576"
},
{
"category": "external",
"summary": "JBEAP-25594",
"url": "https://issues.redhat.com/browse/JBEAP-25594"
},
{
"category": "external",
"summary": "JBEAP-25627",
"url": "https://issues.redhat.com/browse/JBEAP-25627"
},
{
"category": "external",
"summary": "JBEAP-25657",
"url": "https://issues.redhat.com/browse/JBEAP-25657"
},
{
"category": "external",
"summary": "JBEAP-25685",
"url": "https://issues.redhat.com/browse/JBEAP-25685"
},
{
"category": "external",
"summary": "JBEAP-25700",
"url": "https://issues.redhat.com/browse/JBEAP-25700"
},
{
"category": "external",
"summary": "JBEAP-25716",
"url": "https://issues.redhat.com/browse/JBEAP-25716"
},
{
"category": "external",
"summary": "JBEAP-25726",
"url": "https://issues.redhat.com/browse/JBEAP-25726"
},
{
"category": "external",
"summary": "JBEAP-25772",
"url": "https://issues.redhat.com/browse/JBEAP-25772"
},
{
"category": "external",
"summary": "JBEAP-25779",
"url": "https://issues.redhat.com/browse/JBEAP-25779"
},
{
"category": "external",
"summary": "JBEAP-25803",
"url": "https://issues.redhat.com/browse/JBEAP-25803"
},
{
"category": "external",
"summary": "JBEAP-25838",
"url": "https://issues.redhat.com/browse/JBEAP-25838"
},
{
"category": "external",
"summary": "JBEAP-26041",
"url": "https://issues.redhat.com/browse/JBEAP-26041"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7638.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 8 security update",
"tracking": {
"current_release_date": "2026-06-28T12:20:49+00:00",
"generator": {
"date": "2026-06-28T12:20:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.2.6"
}
},
"id": "RHSA-2023:7638",
"initial_release_date": "2023-12-04T18:02:31+00:00",
"revision_history": [
{
"date": "2023-12-04T18:02:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-12-04T18:02:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-28T12:20:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jandex@2.4.4-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-avro@1.11.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src",
"product_id": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.11-4.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.18-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.16-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups@4.2.23-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.20-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.11-1.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.32-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.14-1.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.9-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.1-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.28-1.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-17.redhat_00051.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"product_id": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@32.1.1-2.jre_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.1.10-2.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-33.Final_redhat_00032.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.14-5.GA_redhat_00002.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jandex@2.4.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-avro@1.11.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.11-4.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@11.0.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@11.0.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@11.0.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@11.0.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-component-annotations@11.0.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@11.0.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@11.0.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@11.0.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@11.0.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups@4.2.23-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.20-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.11-1.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.32-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.32-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.32-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.32-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.32-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.14-1.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.14-1.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.1-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.28-1.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-17.redhat_00051.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava@32.1.1-2.jre_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@32.1.1-2.jre_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.1.10-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.1.10-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.1.10-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-ejb@3.1.10-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-jta@3.1.10-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.1.10-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-web@3.1.10-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-33.Final_redhat_00032.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-33.Final_redhat_00032.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-33.Final_redhat_00032.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.14-5.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.14-5.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.14-5.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.14-5.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.14-5.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.14-5.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2976",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2023-06-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215229"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: insecure temporary directory creation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2976"
},
{
"category": "external",
"summary": "RHBZ#2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
}
],
"release_date": "2023-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:02:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7638"
},
{
"category": "workaround",
"details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "guava: insecure temporary directory creation"
},
{
"cve": "CVE-2023-4503",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2022-11-22T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184751"
}
],
"notes": [
{
"category": "description",
"text": "An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "eap-galleon: custom provisioning creates unsecured http-invoker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4503"
},
{
"category": "external",
"summary": "RHBZ#2184751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4503",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4503"
}
],
"release_date": "2023-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:02:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "eap-galleon: custom provisioning creates unsecured http-invoker"
},
{
"cve": "CVE-2023-5685",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2241822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xnio: StackOverflowException when the chain of notifier states becomes problematically big",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this vulnerability as an Important impact as the uncontrolled resource consumption may lead to Denial of Service (DoS). This might be intentioned by an attacker who is looking to jeopardize an environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5685"
},
{
"category": "external",
"summary": "RHBZ#2241822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5685",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5685"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:02:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7638"
},
{
"category": "workaround",
"details": "There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xnio: StackOverflowException when the chain of notifier states becomes problematically big"
},
{
"cve": "CVE-2023-26048",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-08-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jetty-server package. A servlet with multipart support could get an OutOfMemorryError when the client sends a part that has a name but no filename and substantial content. This flaw allows a malicious user to jeopardize the environment by leaving the JVM in an unreliable state.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26048"
},
{
"category": "external",
"summary": "RHBZ#2236340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26048",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26048"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26048",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26048"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8"
}
],
"release_date": "2023-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:02:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()"
},
{
"cve": "CVE-2023-26049",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2023-08-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236341"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26049"
},
{
"category": "external",
"summary": "RHBZ#2236341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c"
}
],
"release_date": "2023-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:02:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies"
},
{
"cve": "CVE-2023-35887",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2023-09-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2240036"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Mina SSHD that could be exploited on certain SFTP servers implemented using the Apache Mina RootedFileSystem. This issue could permit authenticated users to view information outside of their permissions scope.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-mina-sshd: information exposure in SFTP server implementations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-35887"
},
{
"category": "external",
"summary": "RHBZ#2240036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240036"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-35887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35887"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35887",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35887"
}
],
"release_date": "2023-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:02:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-mina-sshd: information exposure in SFTP server implementations"
},
{
"cve": "CVE-2023-39410",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-10-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242521"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39410"
},
{
"category": "external",
"summary": "RHBZ#2242521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242521"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39410",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39410"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/AVRO-3819",
"url": "https://issues.apache.org/jira/browse/AVRO-3819"
}
],
"release_date": "2023-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:02:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:02:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7638"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.32-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:7639
Vulnerability from csaf_redhat - Published: 2023-12-04 18:00 - Updated: 2026-06-28 12:41Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 9 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.13, and includes bug fixes and enhancements.
See the Red Hat JBoss Enterprise Application Platform 7.4.14 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK (CVE-2023-39410)
* guava: insecure temporary directory creation (CVE-2023-2976)
* eap-galleon: custom provisioning creates unsecured http-invoker (CVE-2023-4503)
* jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter() (CVE-2023-26048)
* jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)
* sshd-common: apache-mina-sshd: information exposure in SFTP server implementations (CVE-2023-35887)
A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.
4.4 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
76 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src | — |
Workaround
|
Threats
Impact
Moderate
An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.
6.8 (Medium)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
Known not affected
70 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src | — |
Threats
Impact
Moderate
A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).
7.5 (High)
Affected products
Fixed
2 products
Known not affected
77 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the jetty-server package. A servlet with multipart support could get an OutOfMemorryError when the client sends a part that has a name but no filename and substantial content. This flaw allows a malicious user to jeopardize the environment by leaving the JVM in an unreliable state.
5.3 (Medium)
Affected products
Fixed
79 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.
5.3 (Medium)
Affected products
Fixed
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
Known not affected
68 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src | — |
Threats
Impact
Moderate
A flaw was found in Apache Mina SSHD that could be exploited on certain SFTP servers implemented using the Apache Mina RootedFileSystem. This issue could permit authenticated users to view information outside of their permissions scope.
4.3 (Medium)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
Known not affected
70 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src | — |
Threats
Impact
Moderate
A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.
7.5 (High)
Affected products
Fixed
2 products
Known not affected
77 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src | — |
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
39 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
77 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.13, and includes bug fixes and enhancements.\n\nSee the Red Hat JBoss Enterprise Application Platform 7.4.14 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK (CVE-2023-39410)\n\n* guava: insecure temporary directory creation (CVE-2023-2976)\n\n* eap-galleon: custom provisioning creates unsecured http-invoker (CVE-2023-4503)\n\n* jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter() (CVE-2023-26048)\n\n* jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)\n\n* sshd-common: apache-mina-sshd: information exposure in SFTP server implementations (CVE-2023-35887)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7639",
"url": "https://access.redhat.com/errata/RHSA-2023:7639"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2184751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184751"
},
{
"category": "external",
"summary": "2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "2236340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236340"
},
{
"category": "external",
"summary": "2236341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341"
},
{
"category": "external",
"summary": "2240036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240036"
},
{
"category": "external",
"summary": "2242521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242521"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "JBEAP-25004",
"url": "https://issues.redhat.com/browse/JBEAP-25004"
},
{
"category": "external",
"summary": "JBEAP-25085",
"url": "https://issues.redhat.com/browse/JBEAP-25085"
},
{
"category": "external",
"summary": "JBEAP-25086",
"url": "https://issues.redhat.com/browse/JBEAP-25086"
},
{
"category": "external",
"summary": "JBEAP-25378",
"url": "https://issues.redhat.com/browse/JBEAP-25378"
},
{
"category": "external",
"summary": "JBEAP-25380",
"url": "https://issues.redhat.com/browse/JBEAP-25380"
},
{
"category": "external",
"summary": "JBEAP-25419",
"url": "https://issues.redhat.com/browse/JBEAP-25419"
},
{
"category": "external",
"summary": "JBEAP-25451",
"url": "https://issues.redhat.com/browse/JBEAP-25451"
},
{
"category": "external",
"summary": "JBEAP-25457",
"url": "https://issues.redhat.com/browse/JBEAP-25457"
},
{
"category": "external",
"summary": "JBEAP-25541",
"url": "https://issues.redhat.com/browse/JBEAP-25541"
},
{
"category": "external",
"summary": "JBEAP-25547",
"url": "https://issues.redhat.com/browse/JBEAP-25547"
},
{
"category": "external",
"summary": "JBEAP-25576",
"url": "https://issues.redhat.com/browse/JBEAP-25576"
},
{
"category": "external",
"summary": "JBEAP-25594",
"url": "https://issues.redhat.com/browse/JBEAP-25594"
},
{
"category": "external",
"summary": "JBEAP-25627",
"url": "https://issues.redhat.com/browse/JBEAP-25627"
},
{
"category": "external",
"summary": "JBEAP-25657",
"url": "https://issues.redhat.com/browse/JBEAP-25657"
},
{
"category": "external",
"summary": "JBEAP-25685",
"url": "https://issues.redhat.com/browse/JBEAP-25685"
},
{
"category": "external",
"summary": "JBEAP-25700",
"url": "https://issues.redhat.com/browse/JBEAP-25700"
},
{
"category": "external",
"summary": "JBEAP-25716",
"url": "https://issues.redhat.com/browse/JBEAP-25716"
},
{
"category": "external",
"summary": "JBEAP-25726",
"url": "https://issues.redhat.com/browse/JBEAP-25726"
},
{
"category": "external",
"summary": "JBEAP-25772",
"url": "https://issues.redhat.com/browse/JBEAP-25772"
},
{
"category": "external",
"summary": "JBEAP-25779",
"url": "https://issues.redhat.com/browse/JBEAP-25779"
},
{
"category": "external",
"summary": "JBEAP-25803",
"url": "https://issues.redhat.com/browse/JBEAP-25803"
},
{
"category": "external",
"summary": "JBEAP-25838",
"url": "https://issues.redhat.com/browse/JBEAP-25838"
},
{
"category": "external",
"summary": "JBEAP-26041",
"url": "https://issues.redhat.com/browse/JBEAP-26041"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7639.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 9 security update",
"tracking": {
"current_release_date": "2026-06-28T12:41:15+00:00",
"generator": {
"date": "2026-06-28T12:41:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.2.6"
}
},
"id": "RHSA-2023:7639",
"initial_release_date": "2023-12-04T18:00:03+00:00",
"revision_history": [
{
"date": "2023-12-04T18:00:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-12-04T18:00:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-28T12:41:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jandex@2.4.4-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-avro@1.11.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src",
"product": {
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src",
"product_id": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.11-4.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups@4.2.23-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.16-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.20-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.14-1.SP1_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.11-1.SP1_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.18-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.32-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.9-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.1-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"product_id": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.28-1.SP1_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-17.redhat_00051.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"product_id": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@32.1.1-2.jre_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.1.10-2.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-33.Final_redhat_00032.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"product_id": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.14-5.GA_redhat_00002.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jandex@2.4.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-avro@1.11.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"product_id": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.11-4.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups@4.2.23-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.16-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.20-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.14-1.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.14-1.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.11-1.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@11.0.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@11.0.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@11.0.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@11.0.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-component-annotations@11.0.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@11.0.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@11.0.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@11.0.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@11.0.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.32-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.32-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.32-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.9-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.1-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.28-1.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-17.redhat_00051.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava@32.1.1-2.jre_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@32.1.1-2.jre_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.1.10-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.1.10-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.1.10-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-ejb@3.1.10-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-jta@3.1.10-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.1.10-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-web@3.1.10-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-33.Final_redhat_00032.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-33.Final_redhat_00032.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-33.Final_redhat_00032.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.14-5.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.14-5.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.14-5.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.14-5.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.14-5.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.14-5.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
},
"product_reference": "eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2976",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2023-06-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215229"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: insecure temporary directory creation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2976"
},
{
"category": "external",
"summary": "RHBZ#2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
}
],
"release_date": "2023-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:00:03+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n \nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7639"
},
{
"category": "workaround",
"details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "guava: insecure temporary directory creation"
},
{
"cve": "CVE-2023-4503",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2022-11-22T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184751"
}
],
"notes": [
{
"category": "description",
"text": "An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "eap-galleon: custom provisioning creates unsecured http-invoker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4503"
},
{
"category": "external",
"summary": "RHBZ#2184751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4503",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4503"
}
],
"release_date": "2023-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:00:03+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n \nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "eap-galleon: custom provisioning creates unsecured http-invoker"
},
{
"cve": "CVE-2023-5685",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2241822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xnio: StackOverflowException when the chain of notifier states becomes problematically big",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this vulnerability as an Important impact as the uncontrolled resource consumption may lead to Denial of Service (DoS). This might be intentioned by an attacker who is looking to jeopardize an environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5685"
},
{
"category": "external",
"summary": "RHBZ#2241822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5685",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5685"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:00:03+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n \nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7639"
},
{
"category": "workaround",
"details": "There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xnio: StackOverflowException when the chain of notifier states becomes problematically big"
},
{
"cve": "CVE-2023-26048",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-08-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jetty-server package. A servlet with multipart support could get an OutOfMemorryError when the client sends a part that has a name but no filename and substantial content. This flaw allows a malicious user to jeopardize the environment by leaving the JVM in an unreliable state.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26048"
},
{
"category": "external",
"summary": "RHBZ#2236340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26048",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26048"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26048",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26048"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8"
}
],
"release_date": "2023-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:00:03+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n \nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()"
},
{
"cve": "CVE-2023-26049",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2023-08-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236341"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26049"
},
{
"category": "external",
"summary": "RHBZ#2236341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c"
}
],
"release_date": "2023-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:00:03+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n \nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies"
},
{
"cve": "CVE-2023-35887",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2023-09-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2240036"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Mina SSHD that could be exploited on certain SFTP servers implemented using the Apache Mina RootedFileSystem. This issue could permit authenticated users to view information outside of their permissions scope.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-mina-sshd: information exposure in SFTP server implementations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-35887"
},
{
"category": "external",
"summary": "RHBZ#2240036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240036"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-35887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35887"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35887",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35887"
}
],
"release_date": "2023-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:00:03+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n \nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-mina-sshd: information exposure in SFTP server implementations"
},
{
"cve": "CVE-2023-39410",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-10-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242521"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39410"
},
{
"category": "external",
"summary": "RHBZ#2242521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242521"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39410",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39410"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/AVRO-3819",
"url": "https://issues.apache.org/jira/browse/AVRO-3819"
}
],
"release_date": "2023-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:00:03+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n \nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:00:03+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n \nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7639"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-17.redhat_00051.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-17.redhat_00051.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-avro-0:1.11.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-guava-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-guava-libraries-0:32.1.1-2.jre_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.20-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.32-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.32-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jandex-0:2.4.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.14-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.14-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-33.Final_redhat_00032.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-33.Final_redhat_00032.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.11-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.9-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jgroups-0:4.2.23-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-weld-core-impl-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-core-jsf-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-ejb-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-jta-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-probe-core-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-weld-web-0:3.1.10-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.14-5.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-yasson-0:1.0.11-4.redhat_00002.1.el9eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:7641
Vulnerability from csaf_redhat - Published: 2023-12-04 18:02 - Updated: 2026-06-28 12:41Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.13, and includes bug fixes and enhancements.
See the Red Hat JBoss Enterprise Application Platform 7.4.14 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK (CVE-2023-39410)
* guava: insecure temporary directory creation (CVE-2023-2976)
* eap-galleon: custom provisioning creates unsecured http-invoker (CVE-2023-4503)
* sshd-common: apache-mina-sshd: information exposure in SFTP server implementations (CVE-2023-35887)
* xnio: StackOverflowException when the chain of notifier states becomes problematically big (CVE-2023-5685)
A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.
4.4 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.
6.8 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in Apache Mina SSHD that could be exploited on certain SFTP servers implemented using the Apache Mina RootedFileSystem. This issue could permit authenticated users to view information outside of their permissions scope.
4.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
66 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.13, and includes bug fixes and enhancements.\n\nSee the Red Hat JBoss Enterprise Application Platform 7.4.14 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK (CVE-2023-39410)\n\n* guava: insecure temporary directory creation (CVE-2023-2976)\n\n* eap-galleon: custom provisioning creates unsecured http-invoker (CVE-2023-4503)\n\n* sshd-common: apache-mina-sshd: information exposure in SFTP server implementations (CVE-2023-35887)\n\n* xnio: StackOverflowException when the chain of notifier states becomes problematically big (CVE-2023-5685)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7641",
"url": "https://access.redhat.com/errata/RHSA-2023:7641"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "2184751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184751"
},
{
"category": "external",
"summary": "2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "2240036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240036"
},
{
"category": "external",
"summary": "2241822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241822"
},
{
"category": "external",
"summary": "2242521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242521"
},
{
"category": "external",
"summary": "JBEAP-25004",
"url": "https://issues.redhat.com/browse/JBEAP-25004"
},
{
"category": "external",
"summary": "JBEAP-25085",
"url": "https://issues.redhat.com/browse/JBEAP-25085"
},
{
"category": "external",
"summary": "JBEAP-25086",
"url": "https://issues.redhat.com/browse/JBEAP-25086"
},
{
"category": "external",
"summary": "JBEAP-25378",
"url": "https://issues.redhat.com/browse/JBEAP-25378"
},
{
"category": "external",
"summary": "JBEAP-25380",
"url": "https://issues.redhat.com/browse/JBEAP-25380"
},
{
"category": "external",
"summary": "JBEAP-25419",
"url": "https://issues.redhat.com/browse/JBEAP-25419"
},
{
"category": "external",
"summary": "JBEAP-25451",
"url": "https://issues.redhat.com/browse/JBEAP-25451"
},
{
"category": "external",
"summary": "JBEAP-25457",
"url": "https://issues.redhat.com/browse/JBEAP-25457"
},
{
"category": "external",
"summary": "JBEAP-25541",
"url": "https://issues.redhat.com/browse/JBEAP-25541"
},
{
"category": "external",
"summary": "JBEAP-25547",
"url": "https://issues.redhat.com/browse/JBEAP-25547"
},
{
"category": "external",
"summary": "JBEAP-25576",
"url": "https://issues.redhat.com/browse/JBEAP-25576"
},
{
"category": "external",
"summary": "JBEAP-25594",
"url": "https://issues.redhat.com/browse/JBEAP-25594"
},
{
"category": "external",
"summary": "JBEAP-25627",
"url": "https://issues.redhat.com/browse/JBEAP-25627"
},
{
"category": "external",
"summary": "JBEAP-25657",
"url": "https://issues.redhat.com/browse/JBEAP-25657"
},
{
"category": "external",
"summary": "JBEAP-25685",
"url": "https://issues.redhat.com/browse/JBEAP-25685"
},
{
"category": "external",
"summary": "JBEAP-25700",
"url": "https://issues.redhat.com/browse/JBEAP-25700"
},
{
"category": "external",
"summary": "JBEAP-25716",
"url": "https://issues.redhat.com/browse/JBEAP-25716"
},
{
"category": "external",
"summary": "JBEAP-25726",
"url": "https://issues.redhat.com/browse/JBEAP-25726"
},
{
"category": "external",
"summary": "JBEAP-25772",
"url": "https://issues.redhat.com/browse/JBEAP-25772"
},
{
"category": "external",
"summary": "JBEAP-25779",
"url": "https://issues.redhat.com/browse/JBEAP-25779"
},
{
"category": "external",
"summary": "JBEAP-25803",
"url": "https://issues.redhat.com/browse/JBEAP-25803"
},
{
"category": "external",
"summary": "JBEAP-25838",
"url": "https://issues.redhat.com/browse/JBEAP-25838"
},
{
"category": "external",
"summary": "JBEAP-26041",
"url": "https://issues.redhat.com/browse/JBEAP-26041"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7641.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 security update",
"tracking": {
"current_release_date": "2026-06-28T12:41:17+00:00",
"generator": {
"date": "2026-06-28T12:41:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.2.6"
}
},
"id": "RHSA-2023:7641",
"initial_release_date": "2023-12-04T18:02:14+00:00",
"revision_history": [
{
"date": "2023-12-04T18:02:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-23T22:34:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-28T12:41:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2976",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2023-06-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215229"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: insecure temporary directory creation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2976"
},
{
"category": "external",
"summary": "RHBZ#2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
}
],
"release_date": "2023-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:02:14+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7641"
},
{
"category": "workaround",
"details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "guava: insecure temporary directory creation"
},
{
"cve": "CVE-2023-4503",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2022-11-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184751"
}
],
"notes": [
{
"category": "description",
"text": "An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "eap-galleon: custom provisioning creates unsecured http-invoker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4503"
},
{
"category": "external",
"summary": "RHBZ#2184751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4503",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4503"
}
],
"release_date": "2023-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:02:14+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "eap-galleon: custom provisioning creates unsecured http-invoker"
},
{
"cve": "CVE-2023-5685",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2241822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xnio: StackOverflowException when the chain of notifier states becomes problematically big",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this vulnerability as an Important impact as the uncontrolled resource consumption may lead to Denial of Service (DoS). This might be intentioned by an attacker who is looking to jeopardize an environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5685"
},
{
"category": "external",
"summary": "RHBZ#2241822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5685",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5685"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:02:14+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7641"
},
{
"category": "workaround",
"details": "There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xnio: StackOverflowException when the chain of notifier states becomes problematically big"
},
{
"cve": "CVE-2023-35887",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2023-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2240036"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Mina SSHD that could be exploited on certain SFTP servers implemented using the Apache Mina RootedFileSystem. This issue could permit authenticated users to view information outside of their permissions scope.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-mina-sshd: information exposure in SFTP server implementations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-35887"
},
{
"category": "external",
"summary": "RHBZ#2240036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240036"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-35887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35887"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35887",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35887"
}
],
"release_date": "2023-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:02:14+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-mina-sshd: information exposure in SFTP server implementations"
},
{
"cve": "CVE-2023-39410",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242521"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39410"
},
{
"category": "external",
"summary": "RHBZ#2242521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242521"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39410",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39410"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/AVRO-3819",
"url": "https://issues.apache.org/jira/browse/AVRO-3819"
}
],
"release_date": "2023-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:02:14+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-04T18:02:14+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7641"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:7653
Vulnerability from csaf_redhat - Published: 2023-12-05 14:36 - Updated: 2026-06-28 12:41Summary
Red Hat Security Advisory: Service Registry (container images) release and security update [2.5.4 GA]
Severity
Important
Notes
Topic: An update to the images for Red Hat Integration - Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of Red Hat Integration - Service Registry 2.5.4 GA includes the following security fixes.
Security Fix(es):
* undertow: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) [rhint-serv-2] (CVE-2023-44487)
* quarkus-vertx-http: quarkus: HTTP security policy bypass [rhint-serv-2] (CVE-2023-4853)
* netty: SniHandler 16MB allocation leads to OOM [rhint-serv-2] (CVE-2023-34462)
* snappy-java: Unchecked chunk length leads to DoS [rhint-serv-2] (CVE-2023-34455)
* quarkus-oidc: ID and access tokens leak via the authorization code flow [rhint-serv-2] (CVE-2023-1584)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Quarkus. Quarkus OIDC can leak both ID and access tokens in the authorization code flow when an insecure HTTP protocol is used, which can allow attackers to access sensitive user data directly from the ID token or by using the access token to access user data from OIDC provider services. Please note that passwords are not stored in access tokens.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Service Registry 2.5.4 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:service_registry:2.5
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized endpoint access and possibly a denial of service.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Service Registry 2.5.4 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:service_registry:2.5
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw was found in Snappy-java's fileSnappyInputStream hasNextChunk function, which does not sufficiently evaluate input bytes before beginning operations. This issue could allow an attacker to send malicious input to trigger an out of memory error that crashes the program, resulting in a denial of service.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Service Registry 2.5.4 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:service_registry:2.5
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Service Registry 2.5.4 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:service_registry:2.5
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Service Registry 2.5.4 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:service_registry:2.5
|
— |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
37 references
Acknowledgments
Red Hat
Paulo Lopes
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update to the images for Red Hat Integration - Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat Integration - Service Registry 2.5.4 GA includes the following security fixes.\n\nSecurity Fix(es):\n\n* undertow: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) [rhint-serv-2] (CVE-2023-44487)\n\n* quarkus-vertx-http: quarkus: HTTP security policy bypass [rhint-serv-2] (CVE-2023-4853)\n\n* netty: SniHandler 16MB allocation leads to OOM [rhint-serv-2] (CVE-2023-34462)\n\n* snappy-java: Unchecked chunk length leads to DoS [rhint-serv-2] (CVE-2023-34455)\n\n* quarkus-oidc: ID and access tokens leak via the authorization code flow [rhint-serv-2] (CVE-2023-1584)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7653",
"url": "https://access.redhat.com/errata/RHSA-2023:7653"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2180886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180886"
},
{
"category": "external",
"summary": "2215445",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215445"
},
{
"category": "external",
"summary": "2216888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216888"
},
{
"category": "external",
"summary": "2238034",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238034"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7653.json"
}
],
"title": "Red Hat Security Advisory: Service Registry (container images) release and security update [2.5.4 GA]",
"tracking": {
"current_release_date": "2026-06-28T12:41:19+00:00",
"generator": {
"date": "2026-06-28T12:41:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.2.6"
}
},
"id": "RHSA-2023:7653",
"initial_release_date": "2023-12-05T14:36:34+00:00",
"revision_history": [
{
"date": "2023-12-05T14:36:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-12-05T14:36:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-28T12:41:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHINT Service Registry 2.5.4 GA",
"product": {
"name": "RHINT Service Registry 2.5.4 GA",
"product_id": "RHINT Service Registry 2.5.4 GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_registry:2.5"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Paulo Lopes"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2023-1584",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-03-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180886"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Quarkus. Quarkus OIDC can leak both ID and access tokens in the authorization code flow when an insecure HTTP protocol is used, which can allow attackers to access sensitive user data directly from the ID token or by using the access token to access user data from OIDC provider services. Please note that passwords are not stored in access tokens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quarkus-oidc: ID and access tokens leak via the authorization code flow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus flaw happens because the cookie contains a token that token could potentially be more useful to attackers than a normal session cookie hijacking attack. Other potentially higher security applications may accept the same token from the cookie, while with a normal session hijacking attack it is limited to the application that issued the cookie.\n\nAn attacker needs to have compromised a significant amount of your infrastructure to get the cookie. For this reason, the flaw is rated Low impact",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.5.4 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1584"
},
{
"category": "external",
"summary": "RHBZ#2180886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180886"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1584"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1584",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1584"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/pull/32192",
"url": "https://github.com/quarkusio/quarkus/pull/32192"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/pull/33414",
"url": "https://github.com/quarkusio/quarkus/pull/33414"
}
],
"release_date": "2023-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-05T14:36:34+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.5.4 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7653"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.5.4 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "quarkus-oidc: ID and access tokens leak via the authorization code flow"
},
{
"cve": "CVE-2023-4853",
"cwe": {
"id": "CWE-148",
"name": "Improper Neutralization of Input Leaders"
},
"discovery_date": "2023-09-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2238034"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized endpoint access and possibly a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quarkus: HTTP security policy bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.5.4 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4853"
},
{
"category": "external",
"summary": "RHBZ#2238034",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238034"
},
{
"category": "external",
"summary": "RHSB-2023-002",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-002"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4853"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4853",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4853"
}
],
"release_date": "2023-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-05T14:36:34+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.5.4 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7653"
},
{
"category": "workaround",
"details": "Use a \u2018deny\u2019 wildcard for base paths, then authenticate specifics within that:\n\nExamples:\n```\ndeny: /*\nauthenticated: /services/*\n```\nor\n```\ndeny: /services/*\nroles-allowed: /services/rbac/*\n```\n\nNOTE: Products are only vulnerable if they use (or allow use of) path-based HTTP policy configuration. Products may also be affected\u2013shipping the component in question\u2013without being vulnerable (\u201caffected at reduced impact\u201d).\n\nSee https://access.redhat.com/security/vulnerabilities/RHSB-2023-002 for more detailed mitigations.",
"product_ids": [
"RHINT Service Registry 2.5.4 GA"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.5.4 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "quarkus: HTTP security policy bypass"
},
{
"cve": "CVE-2023-34455",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2023-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215445"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Snappy-java\u0027s fileSnappyInputStream hasNextChunk function, which does not sufficiently evaluate input bytes before beginning operations. This issue could allow an attacker to send malicious input to trigger an out of memory error that crashes the program, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snappy-java: Unchecked chunk length leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.5.4 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-34455"
},
{
"category": "external",
"summary": "RHBZ#2215445",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215445"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-34455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34455"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-34455",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34455"
}
],
"release_date": "2023-06-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-05T14:36:34+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.5.4 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7653"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.5.4 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snappy-java: Unchecked chunk length leads to DoS"
},
{
"cve": "CVE-2023-34462",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2216888"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: SniHandler 16MB allocation leads to OOM",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.5.4 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-34462"
},
{
"category": "external",
"summary": "RHBZ#2216888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216888"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-34462",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34462"
}
],
"release_date": "2023-06-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-05T14:36:34+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.5.4 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7653"
},
{
"category": "workaround",
"details": "Configuration of SniHandler with an idle timeout will mitigate this issue.",
"product_ids": [
"RHINT Service Registry 2.5.4 GA"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.5.4 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: SniHandler 16MB allocation leads to OOM"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.5.4 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-05T14:36:34+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.5.4 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7653"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"RHINT Service Registry 2.5.4 GA"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.5.4 GA"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:7682
Vulnerability from csaf_redhat - Published: 2023-12-12 09:48 - Updated: 2026-06-30 08:41Summary
Red Hat Security Advisory: OpenShift Container Platform 4.14.6 bug fix and security update
Severity
Important
Notes
Topic: Red Hat OpenShift Container Platform release 4.14.6 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.14.
Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.14.6. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHBA-2023:7685
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html
Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive
work (CVE-2023-44487) (CVE-2023-39325)
* opentelemetry: DoS vulnerability in otelhttp (CVE-2023-45142)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.14 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
109 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
109 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64 | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
A memory leak was found in the otelhttp handler of open-telemetry. This flaw allows a remote, unauthenticated attacker to exhaust the server's memory by sending many malicious requests, affecting the availability.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
108 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64 | — |
Workaround
|
Threats
Impact
Moderate
References
42 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.14.6 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.14.\n\nRed Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.14.6. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHBA-2023:7685\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive\nwork (CVE-2023-44487) (CVE-2023-39325)\n* opentelemetry: DoS vulnerability in otelhttp (CVE-2023-45142)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7682",
"url": "https://access.redhat.com/errata/RHSA-2023:7682"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "2245180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245180"
},
{
"category": "external",
"summary": "OCPBUGS-20554",
"url": "https://issues.redhat.com/browse/OCPBUGS-20554"
},
{
"category": "external",
"summary": "OCPBUGS-21774",
"url": "https://issues.redhat.com/browse/OCPBUGS-21774"
},
{
"category": "external",
"summary": "OCPBUGS-21845",
"url": "https://issues.redhat.com/browse/OCPBUGS-21845"
},
{
"category": "external",
"summary": "OCPBUGS-22295",
"url": "https://issues.redhat.com/browse/OCPBUGS-22295"
},
{
"category": "external",
"summary": "OCPBUGS-22375",
"url": "https://issues.redhat.com/browse/OCPBUGS-22375"
},
{
"category": "external",
"summary": "OCPBUGS-22478",
"url": "https://issues.redhat.com/browse/OCPBUGS-22478"
},
{
"category": "external",
"summary": "OCPBUGS-23445",
"url": "https://issues.redhat.com/browse/OCPBUGS-23445"
},
{
"category": "external",
"summary": "OCPBUGS-23474",
"url": "https://issues.redhat.com/browse/OCPBUGS-23474"
},
{
"category": "external",
"summary": "OCPBUGS-23566",
"url": "https://issues.redhat.com/browse/OCPBUGS-23566"
},
{
"category": "external",
"summary": "OCPBUGS-23569",
"url": "https://issues.redhat.com/browse/OCPBUGS-23569"
},
{
"category": "external",
"summary": "OCPBUGS-23747",
"url": "https://issues.redhat.com/browse/OCPBUGS-23747"
},
{
"category": "external",
"summary": "OCPBUGS-23903",
"url": "https://issues.redhat.com/browse/OCPBUGS-23903"
},
{
"category": "external",
"summary": "OCPBUGS-23982",
"url": "https://issues.redhat.com/browse/OCPBUGS-23982"
},
{
"category": "external",
"summary": "OCPBUGS-24063",
"url": "https://issues.redhat.com/browse/OCPBUGS-24063"
},
{
"category": "external",
"summary": "OCPBUGS-24196",
"url": "https://issues.redhat.com/browse/OCPBUGS-24196"
},
{
"category": "external",
"summary": "OCPBUGS-24262",
"url": "https://issues.redhat.com/browse/OCPBUGS-24262"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7682.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.14.6 bug fix and security update",
"tracking": {
"current_release_date": "2026-06-30T08:41:50+00:00",
"generator": {
"date": "2026-06-30T08:41:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2023:7682",
"initial_release_date": "2023-12-12T09:48:40+00:00",
"revision_history": [
{
"date": "2023-12-12T09:48:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-12-12T09:48:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T08:41:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.14",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.14::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.14",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.14::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"product": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"product_id": "openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-operator\u0026tag=v4.14.0-202312031310.p0.g9c43bc1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"product": {
"name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"product_id": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-rhel9-operator\u0026tag=v4.14.0-202312031310.p0.g9c43bc1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"product": {
"name": "openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"product_id": "openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-prometheus\u0026tag=v4.14.0-202312051151.p0.gb7c61bc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"product": {
"name": "openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"product_id": "openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ironic-rhel9\u0026tag=v4.14.0-202312041250.p0.g30c987f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"product": {
"name": "openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"product_id": "openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.14.0-202312042332.p0.g34d34bd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"product": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"product_id": "openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube-rhel9\u0026tag=v4.14.0-202312011533.p0.g4fab27b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"product": {
"name": "openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"product_id": "openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-pod\u0026tag=v4.14.0-202312011533.p0.g4fab27b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"product": {
"name": "openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"product_id": "openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.14.0-202312011708.p0.ge4f4fc1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"product": {
"name": "openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"product_id": "openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-agent-installer-api-server-rhel8\u0026tag=v4.14.0-202312011708.p0.g0634e0a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"product": {
"name": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"product_id": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-agent-installer-node-agent-rhel9\u0026tag=v4.14.0-202311302149.p0.ge438a5e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"product": {
"name": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"product_id": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-apiserver-network-proxy-rhel8\u0026tag=v4.14.0-202312011832.p0.g3362d67.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"product_id": "openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-installer-rhel8\u0026tag=v4.14.0-202312060110.p0.g143dda3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"product": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"product_id": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-runtimecfg-rhel8\u0026tag=v4.14.0-202311291651.p0.g4b7c64b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"product": {
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"product_id": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-cloud-controller-manager-operator-rhel8\u0026tag=v4.14.0-202312011150.p0.gc10ac37.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"product_id": "openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-apiserver-operator\u0026tag=v4.14.0-202312041012.p0.g37fc6f9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64",
"product": {
"name": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64",
"product_id": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-gcp-cloud-controller-manager-rhel8\u0026tag=v4.14.0-202311300410.p0.g09e96a9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"product": {
"name": "openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"product_id": "openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-hypershift-rhel8\u0026tag=v4.14.0-202312051151.p0.g4575d30.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"product": {
"name": "openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"product_id": "openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-insights-rhel8-operator\u0026tag=v4.14.0-202312051251.p0.gdb3d607.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"product": {
"name": "openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"product_id": "openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-installer-artifacts\u0026tag=v4.14.0-202312060110.p0.g143dda3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"product": {
"name": "openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"product_id": "openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.14.0-202312060110.p0.g143dda3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"product": {
"name": "openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"product_id": "openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-api-operator\u0026tag=v4.14.0-202311300551.p0.g6b62c75.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"product": {
"name": "openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"product_id": "openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.14.0-202312041552.p0.g39fed68.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"product": {
"name": "openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"product_id": "openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-os-images-rhel8\u0026tag=v4.14.0-202312060110.p0.gd3a4a6c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"product": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"product_id": "openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-network-metrics-daemon-rhel8\u0026tag=v4.14.0-202312040251.p0.g69d0021.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"product_id": "openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.14.0-202312061751.p0.ga1dc6af.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"product": {
"name": "openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"product_id": "openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes\u0026tag=v4.14.0-202312061751.p0.g2cd2524.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"product": {
"name": "openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"product_id": "openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes-rhel9\u0026tag=v4.14.0-202312061751.p0.g2cd2524.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"product": {
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"product_id": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes-microshift-rhel9\u0026tag=v4.14.0-202312061751.p0.g2cd2524.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"product": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"product_id": "openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-operator\u0026tag=v4.14.0-202312031310.p0.g9c43bc1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"product": {
"name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"product_id": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-rhel9-operator\u0026tag=v4.14.0-202312031310.p0.g9c43bc1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x",
"product": {
"name": "openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x",
"product_id": "openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-prometheus\u0026tag=v4.14.0-202312051151.p0.gb7c61bc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"product": {
"name": "openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"product_id": "openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.14.0-202312042332.p0.g34d34bd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"product": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"product_id": "openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube-rhel9\u0026tag=v4.14.0-202312011533.p0.g4fab27b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"product": {
"name": "openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"product_id": "openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-pod\u0026tag=v4.14.0-202312011533.p0.g4fab27b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"product": {
"name": "openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"product_id": "openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.14.0-202312011708.p0.ge4f4fc1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"product": {
"name": "openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"product_id": "openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-agent-installer-api-server-rhel8\u0026tag=v4.14.0-202312011708.p0.g0634e0a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"product": {
"name": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"product_id": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-agent-installer-node-agent-rhel9\u0026tag=v4.14.0-202311302149.p0.ge438a5e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"product": {
"name": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"product_id": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-apiserver-network-proxy-rhel8\u0026tag=v4.14.0-202312011832.p0.g3362d67.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"product_id": "openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-installer-rhel8\u0026tag=v4.14.0-202312060110.p0.g143dda3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"product": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"product_id": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-runtimecfg-rhel8\u0026tag=v4.14.0-202311291651.p0.g4b7c64b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"product": {
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"product_id": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-cloud-controller-manager-operator-rhel8\u0026tag=v4.14.0-202312011150.p0.gc10ac37.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"product_id": "openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-apiserver-operator\u0026tag=v4.14.0-202312041012.p0.g37fc6f9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"product": {
"name": "openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"product_id": "openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-hypershift-rhel8\u0026tag=v4.14.0-202312051151.p0.g4575d30.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"product": {
"name": "openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"product_id": "openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-insights-rhel8-operator\u0026tag=v4.14.0-202312051251.p0.gdb3d607.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"product": {
"name": "openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"product_id": "openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-installer-artifacts\u0026tag=v4.14.0-202312060110.p0.g143dda3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"product": {
"name": "openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"product_id": "openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.14.0-202312060110.p0.g143dda3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"product": {
"name": "openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"product_id": "openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-machine-api-operator\u0026tag=v4.14.0-202311300551.p0.g6b62c75.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"product": {
"name": "openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"product_id": "openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.14.0-202312041552.p0.g39fed68.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"product": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"product_id": "openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-network-metrics-daemon-rhel8\u0026tag=v4.14.0-202312040251.p0.g69d0021.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"product_id": "openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.14.0-202312061751.p0.ga1dc6af.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"product": {
"name": "openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"product_id": "openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes\u0026tag=v4.14.0-202312061751.p0.g2cd2524.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"product": {
"name": "openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"product_id": "openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes-rhel9\u0026tag=v4.14.0-202312061751.p0.g2cd2524.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"product": {
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"product_id": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes-microshift-rhel9\u0026tag=v4.14.0-202312061751.p0.g2cd2524.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"product": {
"name": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"product_id": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa?arch=s390x\u0026repository_url=registry.redhat.io/rhcos\u0026tag=414.92.202312011602-0"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"product": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"product_id": "openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-operator\u0026tag=v4.14.0-202312031310.p0.g9c43bc1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"product": {
"name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"product_id": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-rhel9-operator\u0026tag=v4.14.0-202312031310.p0.g9c43bc1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"product": {
"name": "openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"product_id": "openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-prometheus\u0026tag=v4.14.0-202312051151.p0.gb7c61bc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"product": {
"name": "openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"product_id": "openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.14.0-202312042332.p0.g34d34bd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"product": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"product_id": "openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube-rhel9\u0026tag=v4.14.0-202312011533.p0.g4fab27b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"product": {
"name": "openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"product_id": "openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-pod\u0026tag=v4.14.0-202312011533.p0.g4fab27b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"product": {
"name": "openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"product_id": "openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.14.0-202312011708.p0.ge4f4fc1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"product": {
"name": "openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"product_id": "openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-agent-installer-api-server-rhel8\u0026tag=v4.14.0-202312011708.p0.g0634e0a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"product": {
"name": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"product_id": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-agent-installer-node-agent-rhel9\u0026tag=v4.14.0-202311302149.p0.ge438a5e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"product": {
"name": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"product_id": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-apiserver-network-proxy-rhel8\u0026tag=v4.14.0-202312011832.p0.g3362d67.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"product_id": "openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-installer-rhel8\u0026tag=v4.14.0-202312060110.p0.g143dda3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"product": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"product_id": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-runtimecfg-rhel8\u0026tag=v4.14.0-202311291651.p0.g4b7c64b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"product": {
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"product_id": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-cloud-controller-manager-operator-rhel8\u0026tag=v4.14.0-202312011150.p0.gc10ac37.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"product_id": "openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-apiserver-operator\u0026tag=v4.14.0-202312041012.p0.g37fc6f9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"product": {
"name": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"product_id": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-gcp-cloud-controller-manager-rhel8\u0026tag=v4.14.0-202311300410.p0.g09e96a9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"product": {
"name": "openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"product_id": "openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-hypershift-rhel8\u0026tag=v4.14.0-202312051151.p0.g4575d30.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"product": {
"name": "openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"product_id": "openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-insights-rhel8-operator\u0026tag=v4.14.0-202312051251.p0.gdb3d607.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"product": {
"name": "openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"product_id": "openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-installer-artifacts\u0026tag=v4.14.0-202312060110.p0.g143dda3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"product": {
"name": "openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"product_id": "openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.14.0-202312060110.p0.g143dda3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"product": {
"name": "openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"product_id": "openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-machine-api-operator\u0026tag=v4.14.0-202311300551.p0.g6b62c75.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"product": {
"name": "openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"product_id": "openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.14.0-202312041552.p0.g39fed68.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"product": {
"name": "openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"product_id": "openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-machine-os-images-rhel8\u0026tag=v4.14.0-202312060110.p0.gd3a4a6c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"product": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"product_id": "openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-network-metrics-daemon-rhel8\u0026tag=v4.14.0-202312040251.p0.g69d0021.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"product_id": "openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.14.0-202312061751.p0.ga1dc6af.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"product": {
"name": "openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"product_id": "openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes\u0026tag=v4.14.0-202312061751.p0.g2cd2524.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"product": {
"name": "openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"product_id": "openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes-rhel9\u0026tag=v4.14.0-202312061751.p0.g2cd2524.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"product": {
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"product_id": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes-microshift-rhel9\u0026tag=v4.14.0-202312061751.p0.g2cd2524.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"product": {
"name": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"product_id": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa?arch=ppc64le\u0026repository_url=registry.redhat.io/rhcos\u0026tag=414.92.202312011602-0"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"product": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"product_id": "openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-operator\u0026tag=v4.14.0-202312031310.p0.g9c43bc1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"product": {
"name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"product_id": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-rhel9-operator\u0026tag=v4.14.0-202312031310.p0.g9c43bc1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"product": {
"name": "openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"product_id": "openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-prometheus\u0026tag=v4.14.0-202312051151.p0.gb7c61bc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"product": {
"name": "openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"product_id": "openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-ironic-rhel9\u0026tag=v4.14.0-202312041250.p0.g30c987f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"product": {
"name": "openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"product_id": "openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.14.0-202312042332.p0.g34d34bd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"product": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"product_id": "openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube-rhel9\u0026tag=v4.14.0-202312011533.p0.g4fab27b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"product": {
"name": "openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"product_id": "openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-pod\u0026tag=v4.14.0-202312011533.p0.g4fab27b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"product": {
"name": "openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"product_id": "openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.14.0-202312011708.p0.ge4f4fc1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"product": {
"name": "openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"product_id": "openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-agent-installer-api-server-rhel8\u0026tag=v4.14.0-202312011708.p0.g0634e0a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"product": {
"name": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"product_id": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-agent-installer-node-agent-rhel9\u0026tag=v4.14.0-202311302149.p0.ge438a5e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"product": {
"name": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"product_id": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-apiserver-network-proxy-rhel8\u0026tag=v4.14.0-202312011832.p0.g3362d67.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"product_id": "openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-installer-rhel8\u0026tag=v4.14.0-202312060110.p0.g143dda3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"product": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"product_id": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-runtimecfg-rhel8\u0026tag=v4.14.0-202311291651.p0.g4b7c64b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"product": {
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"product_id": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-cloud-controller-manager-operator-rhel8\u0026tag=v4.14.0-202312011150.p0.gc10ac37.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"product": {
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"product_id": "openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-apiserver-operator\u0026tag=v4.14.0-202312041012.p0.g37fc6f9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"product": {
"name": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"product_id": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-gcp-cloud-controller-manager-rhel8\u0026tag=v4.14.0-202311300410.p0.g09e96a9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"product": {
"name": "openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"product_id": "openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-hypershift-rhel8\u0026tag=v4.14.0-202312051151.p0.g4575d30.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"product": {
"name": "openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"product_id": "openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-insights-rhel8-operator\u0026tag=v4.14.0-202312051251.p0.gdb3d607.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"product": {
"name": "openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"product_id": "openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-installer-artifacts\u0026tag=v4.14.0-202312060110.p0.g143dda3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"product": {
"name": "openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"product_id": "openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.14.0-202312060110.p0.g143dda3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"product": {
"name": "openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"product_id": "openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-api-operator\u0026tag=v4.14.0-202311300551.p0.g6b62c75.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"product": {
"name": "openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"product_id": "openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.14.0-202312041552.p0.g39fed68.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"product": {
"name": "openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"product_id": "openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-os-images-rhel8\u0026tag=v4.14.0-202312060110.p0.gd3a4a6c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"product": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"product_id": "openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-network-metrics-daemon-rhel8\u0026tag=v4.14.0-202312040251.p0.g69d0021.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"product_id": "openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.14.0-202312061751.p0.ga1dc6af.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"product": {
"name": "openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"product_id": "openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes\u0026tag=v4.14.0-202312061751.p0.g2cd2524.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"product": {
"name": "openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"product_id": "openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes-rhel9\u0026tag=v4.14.0-202312061751.p0.g2cd2524.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"product": {
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"product_id": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes-microshift-rhel9\u0026tag=v4.14.0-202312061751.p0.g2cd2524.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"product": {
"name": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"product_id": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"product_identification_helper": {
"purl": "pkg:oci/rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa?arch=aarch64\u0026repository_url=registry.redhat.io/rhcos\u0026tag=414.92.202312011602-0"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64",
"product": {
"name": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64",
"product_id": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64",
"product_identification_helper": {
"purl": "pkg:oci/rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa?arch=x86_64\u0026repository_url=registry.redhat.io/rhcos\u0026tag=414.92.202312011602-0"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le"
},
"product_reference": "openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64"
},
"product_reference": "openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64"
},
"product_reference": "openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x"
},
"product_reference": "openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64"
},
"product_reference": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64"
},
"product_reference": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x"
},
"product_reference": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le"
},
"product_reference": "openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le"
},
"product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64"
},
"product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64"
},
"product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x"
},
"product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x"
},
"product_reference": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le"
},
"product_reference": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64"
},
"product_reference": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64"
},
"product_reference": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64"
},
"product_reference": "openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64"
},
"product_reference": "openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x"
},
"product_reference": "openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le"
},
"product_reference": "openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64"
},
"product_reference": "openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le"
},
"product_reference": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64"
},
"product_reference": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64"
},
"product_reference": "openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x"
},
"product_reference": "openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64"
},
"product_reference": "openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64"
},
"product_reference": "openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le"
},
"product_reference": "openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x"
},
"product_reference": "openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le"
},
"product_reference": "openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64"
},
"product_reference": "openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64"
},
"product_reference": "openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le"
},
"product_reference": "openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x"
},
"product_reference": "openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64"
},
"product_reference": "openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64"
},
"product_reference": "openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le"
},
"product_reference": "openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64"
},
"product_reference": "openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x"
},
"product_reference": "openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64"
},
"product_reference": "openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64"
},
"product_reference": "openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le"
},
"product_reference": "openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x"
},
"product_reference": "openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64"
},
"product_reference": "openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le"
},
"product_reference": "openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64"
},
"product_reference": "openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x"
},
"product_reference": "openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64"
},
"product_reference": "openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64"
},
"product_reference": "openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le"
},
"product_reference": "openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64"
},
"product_reference": "openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le"
},
"product_reference": "openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64"
},
"product_reference": "openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x"
},
"product_reference": "openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64"
},
"product_reference": "openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64"
},
"product_reference": "openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le"
},
"product_reference": "openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x"
},
"product_reference": "openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64"
},
"product_reference": "openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64"
},
"product_reference": "openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le"
},
"product_reference": "openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64"
},
"product_reference": "openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x"
},
"product_reference": "openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64"
},
"product_reference": "openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le"
},
"product_reference": "openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x"
},
"product_reference": "openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64"
},
"product_reference": "openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le"
},
"product_reference": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64"
},
"product_reference": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64"
},
"product_reference": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x"
},
"product_reference": "openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64"
},
"product_reference": "openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x"
},
"product_reference": "openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64"
},
"product_reference": "openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le"
},
"product_reference": "openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64"
},
"product_reference": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x"
},
"product_reference": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64"
},
"product_reference": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le"
},
"product_reference": "openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64"
},
"product_reference": "openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64"
},
"product_reference": "openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x"
},
"product_reference": "openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le"
},
"product_reference": "openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64"
},
"product_reference": "openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64"
},
"product_reference": "openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le"
},
"product_reference": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x"
},
"product_reference": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64"
},
"product_reference": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64"
},
"product_reference": "openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64"
},
"product_reference": "openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le"
},
"product_reference": "openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x"
},
"product_reference": "openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64"
},
"product_reference": "openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64"
},
"product_reference": "openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le"
},
"product_reference": "openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x"
},
"product_reference": "openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64"
},
"product_reference": "openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64"
},
"product_reference": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le"
},
"product_reference": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x"
},
"product_reference": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64"
},
"product_reference": "rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64"
],
"known_not_affected": [
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-12T09:48:40+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\n https://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha values for the release are\n\n (For x86_64 architecture)\n The image digest is sha256:e5128c3b0ab225e0abf9344dae504e08b82dda4885bbd047e2dbc13cc3d9879b\n\n (For s390x architecture)\n The image digest is sha256:f024a617c059bf2cbf4a669c2a19ab4129e78a007c6863b64dd73a413c0bdf46\n\n (For ppc64le architecture)\n The image digest is sha256:6c9d4941723561c7e650c0fca0b653010b76d1c28d8241b30e88b2e325b16088\n\n (For aarch64 architecture)\n The image digest is sha256:878d14ee4651f77403e37dceabdedf31c0d7561e00ae3e5ee570ae98d200306f\n\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7682"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64"
],
"known_not_affected": [
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-12T09:48:40+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\n https://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha values for the release are\n\n (For x86_64 architecture)\n The image digest is sha256:e5128c3b0ab225e0abf9344dae504e08b82dda4885bbd047e2dbc13cc3d9879b\n\n (For s390x architecture)\n The image digest is sha256:f024a617c059bf2cbf4a669c2a19ab4129e78a007c6863b64dd73a413c0bdf46\n\n (For ppc64le architecture)\n The image digest is sha256:6c9d4941723561c7e650c0fca0b653010b76d1c28d8241b30e88b2e325b16088\n\n (For aarch64 architecture)\n The image digest is sha256:878d14ee4651f77403e37dceabdedf31c0d7561e00ae3e5ee570ae98d200306f\n\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7682"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
},
{
"cve": "CVE-2023-45142",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-10-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2245180"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak was found in the otelhttp handler of open-telemetry. This flaw allows a remote, unauthenticated attacker to exhaust the server\u0027s memory by sending many malicious requests, affecting the availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "opentelemetry: DoS vulnerability in otelhttp",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While no authentication is required, there are a significant number of non-default factors which prevent widespread exploitation of this flaw. For a service to be affected, all of the following must be true:\n* The go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp package must be in use\n* Configured a metrics pipeline which uses the otelhttp.NewHandler wrapper function\n* No filtering of unknown HTTP methods or user agents at a higher level (such as Content Delivery Network/Load Balancer/etc...)\n\nDue to the limited attack surface, Red Hat Product Security rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45142"
},
{
"category": "external",
"summary": "RHBZ#2245180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45142",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45142"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45142",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45142"
},
{
"category": "external",
"summary": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr",
"url": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr"
}
],
"release_date": "2023-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-12T09:48:40+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\n https://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha values for the release are\n\n (For x86_64 architecture)\n The image digest is sha256:e5128c3b0ab225e0abf9344dae504e08b82dda4885bbd047e2dbc13cc3d9879b\n\n (For s390x architecture)\n The image digest is sha256:f024a617c059bf2cbf4a669c2a19ab4129e78a007c6863b64dd73a413c0bdf46\n\n (For ppc64le architecture)\n The image digest is sha256:6c9d4941723561c7e650c0fca0b653010b76d1c28d8241b30e88b2e325b16088\n\n (For aarch64 architecture)\n The image digest is sha256:878d14ee4651f77403e37dceabdedf31c0d7561e00ae3e5ee570ae98d200306f\n\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7682"
},
{
"category": "workaround",
"details": "As a workaround to stop being affected otelhttp.WithFilter() can be used.\n\nFor convenience and safe usage of this library, it should by default mark with the label unknown non-standard HTTP methods and User agents to show that such requests were made but do not increase cardinality. In case someone wants to stay with the current behavior, library API should allow to enable it.\n\nThe other possibility is to disable HTTP metrics instrumentation by passing otelhttp.WithMeterProvider option with noop.NewMeterProvider.",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7995434245b12a7535468f85a48f835c09d828046db573ff963502cd1409c7b4_s390x",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:7af5b14af91f06bb820da68e3699c0ab88e6040a43964b22e37790b1c1d5d7cb_ppc64le",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:83dbe9eff6ae910d1868f8dc1b3651d49204ea57529f534a3f0873144b5bef87_amd64",
"8Base-RHOSE-4.14:openshift4/network-tools-rhel8@sha256:8de7b26d4eb9a5e9aa0ba058735d3798591c929807816bc6af4aa91680fb4c46_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:a0db9a817e589c8d47786d364707c39daed68f68c1114c7543fd6f4d00aa2385_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:ade18f2994669ebeb870b3b545f8b48574da9fc26ea24341dd1c16faac9994a0_amd64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:e7e511a5446948ca0103951e41307c47417298d606247bc81abca1aced0b2ff5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-agent-installer-api-server-rhel8@sha256:f28f3822cd2d4471c5ab9e1fe6ee31a3d00a137fcf5ef1bc373969256ddf69b7_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:0a0b3d5e27e6b0d854036bfd507e54d2d18397afd74848dcf8d83dc026927703_amd64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:19e517553bc9922ef352e89194b7af0212f8791fc0d897532c3f5ce8a03cd695_arm64",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:402a011650f91c5040b91a757165adc5fea3fb93b6b875640c0c7beb5e8d2e76_s390x",
"8Base-RHOSE-4.14:openshift4/ose-apiserver-network-proxy-rhel8@sha256:dca52273b33af9c05d5da2000776bbda9add8248a260ae77212f14fa24e01519_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:0d8c08c80233166290c5b688de496e5138e553ad3ca9fd12cb2dccdcf5b7fad1_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:212eab439a695b829dfb26912c39c6f56a71a2eefcad413410d68ed12ecc882d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:a5085449369b93f12ef3c1619c7c6445f95a6c9d99ed4f524ba46a1c92f9266a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:eea1701990efdcc306ad32893af2cf8fafce456df6c23a8a73dca553dc427355_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1f02531a43a99dd2fd180e8bea2010680be9ffc2dc649c030e1ed2a519f56b4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:b233c7a0c0a218322c5d2fd5d17dc21db914bd49e84f46dd53aec042eb77d39d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f702afc07372180dfe38d285ddff9cb1e537ef5b2cbe77f4a142a29f5e6571e0_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fb60b805884f916a064698b3e0cacf4ffc773501cd610260a930b1278cce42bf_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:983ce415d6f8ba25e024e7917906a67af92e9281797a5d1a1ddd04fd8538e34a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a6cd9f3062edcaa7120e6583777baa01881240a3482dc57d5efaef4625b3ea90_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:e09f1d49fbb3a1ee310a26761f43a21256b70fe9c1bd86ce912a11f98a9ed726_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:f58e1b4fc0c09e745ae4d4921266aeafd9fba8063ed6274fd41ed5655c010e9c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:3f60b0d51781fffabf061d4eae04a3cc12eb93f0f4d08abab68983b8e56c47cf_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:6f0e4a273f556339215442cb0bc3c9f06b28d3676ff3e01bb2686db2f3d2c00a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:a0749d7a8782f8e35ca9c498254f1bd20ec417b67de77f34b535a072649d8eca_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-kube-apiserver-operator@sha256:c074b99f606a6eba6b937f3d96115ec5790b747f6c0b6f6eed01e4f1a3a189eb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:07ad64518d45a9f9ce7a62a824be1a914ff4b984df85d8df1df6568ccb615b4c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:36d5c502abb09679666b4827a0de661cf6ae2f0ddbedccbbdd027cbd14064d66_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:7393acbe5cb48053df79be973e412512f1424786e21006d085ecfcf513a09ade_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:d07849ed6c5ef9ee4f167791850ff9175923286f2065fe2aeb85186c8bddff1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:05dbf69b20c56e1f5cfae6b86d4c9b1bb8d1ed494c8c0fa6236ba5ae55ed5561_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:ad0a7183f146f600a6127f2f4f3e9c1587ed8c51dc52f4259ca5089024948489_arm64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d6edbcff375ddc743735b0c040eadffd194fdacbcd8defbe14852e3e36c4863e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:04cc0bbfad4b18c6164f1cf5e0ad9daca0ea1de3b3490fcf8797d3a0f0f915c2_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:3590085f8d96ed2db2e0e1fcac0336116802b4b4d1acc7f3d3b70ac0788a9d14_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:618b8bfcb6c2942445749838580ddbbfa8288847b5fb8092ad54a1f198656269_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:c2582b7ebd5532cf60d68724ea90ebcd1fccf324fd0e46d3c5876a774e8afa38_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:3412761dd9e6ef4052a3e953d452ea2503399c542d13f29862f115c5ae0cea7c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:9bd4f62f6bc6ebd6b19d2b41858cebad49c45b19f9a7daad125116f28c53dce4_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:b4b5fd5d818633234442064c10f27aed76b5eb33134d765d204acb07d30b37ec_amd64",
"8Base-RHOSE-4.14:openshift4/ose-insights-rhel8-operator@sha256:bf02c8809e102b83f49ec2a19b791fc517baa615999107f229e4845570567c43_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:5a7e749ba8cbfa51be89b0f2c5fd76cec3718fe5a7b1bd247c3f8af7f7990e93_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:6c6f2e0f04df3551205790c74407b05a40400dd5377df30b3fd2e90899f89e4a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:78243c45080e13b0fcd73978c9f9248404b8c3a268b2b28f0ce5aa3bc76688d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:7db7b878bbfa54d4102e9fcf06dce659a9e32f5e90e51d72d20c926235e2f1ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:547220ed4f57de0aebe239ed60f5dd14a035452ca120ad9a5eb62395169f2760_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:791e9ef9c9e645152d1c76246dcf44d2c36511273be028f989085b5311bd5612_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:8277e3fde82e48bd2b07a7afe87b312e757f039da53f42a62d683faed405b20c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:ba9a5904a3fe95f3426e9ec3e353763f57affdefbdaea9b3126efa1b5449b572_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:0f74e4a8668a64b0eb72b7cef2fcf18f32ea04c34e35f8fec405f6ff80e6a112_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:2e2770c370373404b9f2fa4706adcad2922271d89700be8c4709414d584466dc_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:3435f3351c5febd9324a817437961a1db86731377f1711f045cf9df9129ae84b_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eaa3e7ed470a63a03a53fd60fa1cf804e0fb94d020bdf944c267b5a98d9c7566_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:5b36d2e2deeac4eadab8d23000d63c46e669ab45d01c71c8847056b633145aa1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:78924dc22460a043cf6fa8235da304307f856641f11d4a706e62a860d73be7dc_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:8e72516a0b17b8a9fe43d2caaaf46c4e88e12825248c3b9ff4814f70ffa5d487_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-config-operator@sha256:fca45dc7d7f864b0330d8b6a01d4a042b3d669c03dcd98b8fe787a1b05fc2e4a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:32fed20ed56e71214fb8dbeef656533a6038c2008c51308a8c9dda2256dd0950_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:bc55d832c78aa81948d3d06d337597d95a31452a9ba87ffddd0697dc2609a221_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c2119fe44c69026df5e0f7ec1b7dfe1b17b49920c0d09fc6e419a6be42dbffd8_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:4c1c5a0c32f1d38b77ce13697cf70765c672b2470440a92969d8a0e08793419c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:70d0866544fdab5779246dc1f5a391f3fc39740db52a07b33cfdcf7ed275b056_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:892b22763081d559ad43d83603ee6886d040ecddc8db90958650e77d86904756_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:c9e96259894458845debfe3567e258993bfa657467de9be8ed0b4a58a44147bd_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:7b9e0fb53a88daa9e6435d0b61314f6ea9d27821a6e154906615067009d544e5_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:85e3bc4b8bb273edbc189f1f1114e9af86ed38ed5b219a4abfc38d94a06c9eb2_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:95cc453a8a0eb1812df49115620214aa0bdd836b43b58077525059b941fe0a09_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:dcc1d762ed74e1eb6027355a2e6cc3933bd7b35cee9d6235de0fbe2d2958b0c2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:1e6fdaee4ef701d8708e85679fbd2b7e3329dc9304beadc1a6a1ee90e693cfab_arm64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:73b2357c3bc51260a611457246d9c05e9abea3ec7d01d6b4233bd15930054f80_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:c16487d35fac240d44fb0182606a92811cea14776906590a248aeb80757f0b88_amd64",
"8Base-RHOSE-4.14:openshift4/ose-prometheus@sha256:d2e5b6e15a87b24b3c626b9dbc5a0f274de9c279668ffe32bdb2be9340347562_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:13d00fd93ada222af7707631d2831b1929b94ae47b6bb512409fcf47765f342c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:d7fa006ccd62b49233471a46f0ca8fc6d219d71ce8536426f4c06d0c51144c62_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:dd3a19efdf56dea413de2e9b129048ea3a20d270e38fbdc992cffe1b5969ec88_s390x",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:f56a1ffcaccaa9d9442ce1e18f55149373dac7df41e39347429cbdb74d706deb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:00e44d07b20bc61d3396b9468c55747a3894f5c891030ff2f7157f496b98b531_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:7a4a60e1a5022ae0398f7bfd46f07b86268204805ce916aded24bed767c9e7cd_arm64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:83692ddd0895d00cf7a85f53d132671eb0a9027f4c824dfad5943ceaf8292b45_amd64",
"9Base-RHOSE-4.14:openshift4/ose-agent-installer-node-agent-rhel9@sha256:fddfacbff3f39e0b122e6c52e3166207dd29c83dce9f35ef737f341ef74945cb_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:53497a9df41ff9cf54c1354974f01344864634ef29939b2ef929e4f87bba45cc_arm64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:9bdc4879c9ec496c45611a537ce26a8d30242b4ba0e5bccaa7b8b81ce67f1b54_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a3bf3970798a78e630b522e6ceafe9e5f389e2686e3568907657896d5490418e_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:a4895687e963ab3f7ee4c1dedc52cc438797c94c802ba54539c466edd5d2c4ce_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:557626af805fbe29caa5e1f44a7f93b62cb3535badb5baa5cda6ecb4114d314a_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:8082bdbe2714b943ac7b6420c75ba21d2f72fe66f84a75a63b52014a22cb7ac1_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:94bb0c87e72cf41cecefba3c86d42ebe4472273fb5099c48fdc8af20dde31340_s390x",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:effd6d0cd311393474b2ba43a5e196587b51ffca3cad7950b124c33f44085b46_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:77df5c9583ddb8358396c31df7c58194ac7b11e812e8c515a9c4acd0b9833946_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:816ae46ba01e0135faad92068891d99e57e2817dd9f48128dd45fff7d0defde4_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:4d10cbf0378ab0834ee4d46da709d9088a684ac2f22557c823dc4a4b43e67979_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5fe73f0ec913e7e24d29dbe6089f80be14e9e3539b38227ec14a2172b6464fa6_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6b25e1d56f689b3538dee53f9cfaeccb72640045f1c050b6a768432773427230_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d19a727d694d9260bdc07bc6c4f0cdff987631d6ad646580232d677506bed313_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:3f76241d576d2649cb6d8a28024043ab7a669df317d0f6879f168bb6563b9c95_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:5c37f3811b5adf514fda329744afb39b6613f39213f8ad6c263f46909f35ce6d_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:bfae857a2ec83d0ba5c4ab55210a4ff61ebcf75b4bc57702d354b1cf397dea80_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ovn-kubernetes@sha256:f5b9952d4d18653919e1633e12aec4f8fbde8c18de2b9ca3ef438400e03c92e6_amd64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_aarch64",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_ppc64le",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_s390x",
"9Base-RHOSE-4.14:rhcos@sha256:dd18922ec1b121ffeda3adbf0346ed3936aac9ff060c9ba72b6e5f12b2d7d6fa_x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "opentelemetry: DoS vulnerability in otelhttp"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…