Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-29041 (GCVE-0-2024-29041)
Vulnerability from cvelistv5 – Published: 2024-03-25 20:20 – Updated: 2024-08-02 01:03
VLAI
EPSS
Title
Express.js Open Redirect in malformed URLs
Summary
Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()` but this is also called from within `res.redirect()`. The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3.
Severity
6.1 (Medium)
CWE
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://github.com/expressjs/express/security/adv… | x_refsource_CONFIRM |
| https://github.com/koajs/koa/issues/1800 | x_refsource_MISC |
| https://github.com/expressjs/express/pull/5539 | x_refsource_MISC |
| https://github.com/expressjs/express/commit/08673… | x_refsource_MISC |
| https://github.com/expressjs/express/commit/0b746… | x_refsource_MISC |
| https://expressjs.com/en/4x/api.html#res.location | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29041",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-26T13:59:28.274744Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:57:16.909Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:03:51.705Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"name": "https://github.com/koajs/koa/issues/1800",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/koajs/koa/issues/1800"
},
{
"name": "https://github.com/expressjs/express/pull/5539",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"name": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"name": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"name": "https://expressjs.com/en/4x/api.html#res.location",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://expressjs.com/en/4x/api.html#res.location"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "express",
"vendor": "expressjs",
"versions": [
{
"status": "affected",
"version": "\u003e=4.14.0, \u003c4.19.0"
},
{
"status": "affected",
"version": "\u003e=5.0.0-alpha.1, \u003c5.0.0-beta.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()` but this is also called from within `res.redirect()`. The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-25T20:20:06.205Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"name": "https://github.com/koajs/koa/issues/1800",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/koajs/koa/issues/1800"
},
{
"name": "https://github.com/expressjs/express/pull/5539",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"name": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"name": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"name": "https://expressjs.com/en/4x/api.html#res.location",
"tags": [
"x_refsource_MISC"
],
"url": "https://expressjs.com/en/4x/api.html#res.location"
}
],
"source": {
"advisory": "GHSA-rv95-896h-c2vc",
"discovery": "UNKNOWN"
},
"title": "Express.js Open Redirect in malformed URLs"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-29041",
"datePublished": "2024-03-25T20:20:06.205Z",
"dateReserved": "2024-03-14T16:59:47.614Z",
"dateUpdated": "2024-08-02T01:03:51.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-29041",
"date": "2026-05-30",
"epss": "0.00154",
"percentile": "0.35866"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-29041\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-03-25T21:15:46.847\",\"lastModified\":\"2025-12-18T15:00:42.427\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()` but this is also called from within `res.redirect()`. The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3.\"},{\"lang\":\"es\",\"value\":\"El framework web minimalista Express.js para node. Las versiones de Express.js anteriores a 4.19.0 y todas las versiones alfa y beta preliminares de 5.0 se ven afectadas por una vulnerabilidad de redireccionamiento abierto que utiliza URL con formato incorrecto. Cuando un usuario de Express realiza una redirecci\u00f3n utilizando una URL proporcionada por el usuario, Express realiza una codificaci\u00f3n [usando `encodeurl`](https://github.com/pillarjs/encodeurl) en el contenido antes de pasarlo al encabezado de `ubicaci\u00f3n`. Esto puede hacer que las URL con formato incorrecto se eval\u00faen de maneras inesperadas mediante implementaciones de listas permitidas de redireccionamiento com\u00fan en aplicaciones Express, lo que lleva a una redirecci\u00f3n abierta al omitir una lista permitida implementada correctamente. El m\u00e9todo principal afectado es `res.location()` pero tambi\u00e9n se llama desde `res.redirect()`. La vulnerabilidad se solucion\u00f3 en 4.19.2 y 5.0.0-beta.3.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-601\"},{\"lang\":\"en\",\"value\":\"CWE-1286\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"4.19.2\",\"matchCriteriaId\":\"FB797C75-19DA-4D3C-A46D-528CF9C5F307\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:5.0.0:alpha1:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"50C7D4CD-B4D9-433E-B3FC-AB309FA31CCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:5.0.0:alpha2:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"7DFB65DE-73BB-4BB5-84BA-67B187DD2DA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:5.0.0:alpha3:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"B709D2E7-2D50-4A90-B000-0DEB55B80682\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:5.0.0:alpha4:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"E388EA8E-03EF-41C9-98C6-68D96DAF92A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:5.0.0:alpha5:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"A7D7FA44-E213-4931-A92B-2C46CA1F6EC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:5.0.0:alpha6:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"EBFE2596-A7DE-455C-A59A-1B56ACA82D4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:5.0.0:alpha7:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"F68E52F1-1A06-45D4-8593-3D5D7EC32330\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:5.0.0:alpha8:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"0F5FEAD7-A1EB-4FB1-8B15-A717642961F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:5.0.0:beta1:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"2CC3B849-8DAF-47E5-A4EB-E93394C7396A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:5.0.0:beta2:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"6058D4DD-DE9D-4AD9-87A0-22F81C33F81E\"}]}]}],\"references\":[{\"url\":\"https://expressjs.com/en/4x/api.html#res.location\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Technical Description\"]},{\"url\":\"https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/expressjs/express/pull/5539\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/koajs/koa/issues/1800\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://expressjs.com/en/4x/api.html#res.location\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\"]},{\"url\":\"https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/expressjs/express/pull/5539\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/koajs/koa/issues/1800\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"title\": \"Express.js Open Redirect in malformed URLs\", \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-601\", \"lang\": \"en\", \"description\": \"CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)\", \"type\": \"CWE\"}]}, {\"descriptions\": [{\"cweId\": \"CWE-1286\", \"lang\": \"en\", \"description\": \"CWE-1286: Improper Validation of Syntactic Correctness of Input\", \"type\": \"CWE\"}]}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"NONE\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"scope\": \"CHANGED\", \"userInteraction\": \"REQUIRED\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"version\": \"3.1\"}}], \"references\": [{\"name\": \"https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc\", \"tags\": [\"x_refsource_CONFIRM\"], \"url\": \"https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc\"}, {\"name\": \"https://github.com/koajs/koa/issues/1800\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/koajs/koa/issues/1800\"}, {\"name\": \"https://github.com/expressjs/express/pull/5539\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/expressjs/express/pull/5539\"}, {\"name\": \"https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd\"}, {\"name\": \"https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94\"}, {\"name\": \"https://expressjs.com/en/4x/api.html#res.location\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://expressjs.com/en/4x/api.html#res.location\"}], \"affected\": [{\"vendor\": \"expressjs\", \"product\": \"express\", \"versions\": [{\"version\": \"\u003e=4.14.0, \u003c4.19.0\", \"status\": \"affected\"}, {\"version\": \"\u003e=5.0.0-alpha.1, \u003c5.0.0-beta.3\", \"status\": \"affected\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-03-25T20:20:06.205Z\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()` but this is also called from within `res.redirect()`. The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3.\"}], \"source\": {\"advisory\": \"GHSA-rv95-896h-c2vc\", \"discovery\": \"UNKNOWN\"}}, \"adp\": [{\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-29041\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-26T13:59:28.274744Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:19.506Z\"}, \"title\": \"CISA ADP Vulnrichment\"}]}",
"cveMetadata": "{\"cveId\": \"CVE-2024-29041\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"GitHub_M\", \"dateReserved\": \"2024-03-14T16:59:47.614Z\", \"datePublished\": \"2024-03-25T20:20:06.205Z\", \"dateUpdated\": \"2024-06-04T17:57:16.909Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
FKIE_CVE-2024-29041
Vulnerability from fkie_nvd - Published: 2024-03-25 21:15 - Updated: 2025-12-18 15:00
Severity
Summary
Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()` but this is also called from within `res.redirect()`. The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openjsf:express:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "FB797C75-19DA-4D3C-A46D-528CF9C5F307",
"versionEndExcluding": "4.19.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha1:*:*:*:node.js:*:*",
"matchCriteriaId": "50C7D4CD-B4D9-433E-B3FC-AB309FA31CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha2:*:*:*:node.js:*:*",
"matchCriteriaId": "7DFB65DE-73BB-4BB5-84BA-67B187DD2DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha3:*:*:*:node.js:*:*",
"matchCriteriaId": "B709D2E7-2D50-4A90-B000-0DEB55B80682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha4:*:*:*:node.js:*:*",
"matchCriteriaId": "E388EA8E-03EF-41C9-98C6-68D96DAF92A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha5:*:*:*:node.js:*:*",
"matchCriteriaId": "A7D7FA44-E213-4931-A92B-2C46CA1F6EC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha6:*:*:*:node.js:*:*",
"matchCriteriaId": "EBFE2596-A7DE-455C-A59A-1B56ACA82D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha7:*:*:*:node.js:*:*",
"matchCriteriaId": "F68E52F1-1A06-45D4-8593-3D5D7EC32330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha8:*:*:*:node.js:*:*",
"matchCriteriaId": "0F5FEAD7-A1EB-4FB1-8B15-A717642961F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openjsf:express:5.0.0:beta1:*:*:*:node.js:*:*",
"matchCriteriaId": "2CC3B849-8DAF-47E5-A4EB-E93394C7396A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openjsf:express:5.0.0:beta2:*:*:*:node.js:*:*",
"matchCriteriaId": "6058D4DD-DE9D-4AD9-87A0-22F81C33F81E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()` but this is also called from within `res.redirect()`. The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3."
},
{
"lang": "es",
"value": "El framework web minimalista Express.js para node. Las versiones de Express.js anteriores a 4.19.0 y todas las versiones alfa y beta preliminares de 5.0 se ven afectadas por una vulnerabilidad de redireccionamiento abierto que utiliza URL con formato incorrecto. Cuando un usuario de Express realiza una redirecci\u00f3n utilizando una URL proporcionada por el usuario, Express realiza una codificaci\u00f3n [usando `encodeurl`](https://github.com/pillarjs/encodeurl) en el contenido antes de pasarlo al encabezado de `ubicaci\u00f3n`. Esto puede hacer que las URL con formato incorrecto se eval\u00faen de maneras inesperadas mediante implementaciones de listas permitidas de redireccionamiento com\u00fan en aplicaciones Express, lo que lleva a una redirecci\u00f3n abierta al omitir una lista permitida implementada correctamente. El m\u00e9todo principal afectado es `res.location()` pero tambi\u00e9n se llama desde `res.redirect()`. La vulnerabilidad se solucion\u00f3 en 4.19.2 y 5.0.0-beta.3."
}
],
"id": "CVE-2024-29041",
"lastModified": "2025-12-18T15:00:42.427",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2024-03-25T21:15:46.847",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
],
"url": "https://expressjs.com/en/4x/api.html#res.location"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/koajs/koa/issues/1800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
],
"url": "https://expressjs.com/en/4x/api.html#res.location"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/koajs/koa/issues/1800"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
},
{
"lang": "en",
"value": "CWE-1286"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
GHSA-RV95-896H-C2VC
Vulnerability from github – Published: 2024-03-25 19:40 – Updated: 2025-12-20 00:09
VLAI
Summary
Express.js Open Redirect in malformed URLs
Details
Impact
Versions of Express.js prior to 4.19.2 and pre-release alpha and beta versions before 5.0.0-beta.3 are affected by an open redirect vulnerability using malformed URLs.
When a user of Express performs a redirect using a user-provided URL Express performs an encode using encodeurl on the contents before passing it to the location header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list.
The main method impacted is res.location() but this is also called from within res.redirect().
Patches
https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94
An initial fix went out with express@4.19.0, we then patched a feature regression in 4.19.1 and added improved handling for the bypass in 4.19.2.
Workarounds
The fix for this involves pre-parsing the url string with either require('node:url').parse or new URL. These are steps you can take on your own before passing the user input string to res.location or res.redirect.
Resources
https://github.com/expressjs/express/pull/5539 https://github.com/koajs/koa/issues/1800 https://expressjs.com/en/4x/api.html#res.location
Severity
6.1 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "express"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.19.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "express"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0-alpha.1"
},
{
"fixed": "5.0.0-beta.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-29041"
],
"database_specific": {
"cwe_ids": [
"CWE-1286",
"CWE-601"
],
"github_reviewed": true,
"github_reviewed_at": "2024-03-25T19:40:26Z",
"nvd_published_at": "2024-03-25T21:15:46Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nVersions of Express.js prior to 4.19.2 and pre-release alpha and beta versions before 5.0.0-beta.3 are affected by an open redirect vulnerability using malformed URLs.\n\nWhen a user of Express performs a redirect using a user-provided URL Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list.\n\nThe main method impacted is `res.location()` but this is also called from within `res.redirect()`.\n\n### Patches\n\nhttps://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd\nhttps://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94\n\nAn initial fix went out with `express@4.19.0`, we then patched a feature regression in `4.19.1` and added improved handling for the bypass in `4.19.2`.\n\n### Workarounds\n\nThe fix for this involves pre-parsing the url string with either `require(\u0027node:url\u0027).parse` or `new URL`. These are steps you can take on your own before passing the user input string to `res.location` or `res.redirect`.\n\n### Resources\n\nhttps://github.com/expressjs/express/pull/5539\nhttps://github.com/koajs/koa/issues/1800\nhttps://expressjs.com/en/4x/api.html#res.location",
"id": "GHSA-rv95-896h-c2vc",
"modified": "2025-12-20T00:09:30Z",
"published": "2024-03-25T19:40:26Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041"
},
{
"type": "WEB",
"url": "https://github.com/koajs/koa/issues/1800"
},
{
"type": "WEB",
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"type": "WEB",
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"type": "WEB",
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"type": "WEB",
"url": "https://expressjs.com/en/4x/api.html#res.location"
},
{
"type": "PACKAGE",
"url": "https://github.com/expressjs/express"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Express.js Open Redirect in malformed URLs"
}
GSD-2024-29041
Vulnerability from gsd - Updated: 2024-04-02 05:02Details
Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()` but this is also called from within `res.redirect()`. The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-29041"
],
"details": "Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()` but this is also called from within `res.redirect()`. The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3.",
"id": "GSD-2024-29041",
"modified": "2024-04-02T05:02:57.579467Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2024-29041",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "express",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "\u003e=4.14.0, \u003c4.19.0"
},
{
"version_affected": "=",
"version_value": "\u003e=5.0.0-alpha.1, \u003c5.0.0-beta.3"
}
]
}
}
]
},
"vendor_name": "expressjs"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()` but this is also called from within `res.redirect()`. The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-601",
"lang": "eng",
"value": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
}
]
},
{
"description": [
{
"cweId": "CWE-1286",
"lang": "eng",
"value": "CWE-1286: Improper Validation of Syntactic Correctness of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc",
"refsource": "MISC",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"name": "https://github.com/koajs/koa/issues/1800",
"refsource": "MISC",
"url": "https://github.com/koajs/koa/issues/1800"
},
{
"name": "https://github.com/expressjs/express/pull/5539",
"refsource": "MISC",
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"name": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd",
"refsource": "MISC",
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"name": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94",
"refsource": "MISC",
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"name": "https://expressjs.com/en/4x/api.html#res.location",
"refsource": "MISC",
"url": "https://expressjs.com/en/4x/api.html#res.location"
}
]
},
"source": {
"advisory": "GHSA-rv95-896h-c2vc",
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()` but this is also called from within `res.redirect()`. The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3."
},
{
"lang": "es",
"value": "El framework web minimalista Express.js para node. Las versiones de Express.js anteriores a 4.19.0 y todas las versiones alfa y beta preliminares de 5.0 se ven afectadas por una vulnerabilidad de redireccionamiento abierto que utiliza URL con formato incorrecto. Cuando un usuario de Express realiza una redirecci\u00f3n utilizando una URL proporcionada por el usuario, Express realiza una codificaci\u00f3n [usando `encodeurl`](https://github.com/pillarjs/encodeurl) en el contenido antes de pasarlo al encabezado de `ubicaci\u00f3n`. Esto puede hacer que las URL con formato incorrecto se eval\u00faen de maneras inesperadas mediante implementaciones de listas permitidas de redireccionamiento com\u00fan en aplicaciones Express, lo que lleva a una redirecci\u00f3n abierta al omitir una lista permitida implementada correctamente. El m\u00e9todo principal afectado es `res.location()` pero tambi\u00e9n se llama desde `res.redirect()`. La vulnerabilidad se solucion\u00f3 en 4.19.2 y 5.0.0-beta.3."
}
],
"id": "CVE-2024-29041",
"lastModified": "2024-03-26T12:55:05.010",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2024-03-25T21:15:46.847",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://expressjs.com/en/4x/api.html#res.location"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/koajs/koa/issues/1800"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1286"
},
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
}
}
}
MSRC_CVE-2024-29041
Vulnerability from csaf_microsoft - Published: 2024-03-02 08:00 - Updated: 2026-02-18 02:23Summary
Express.js Open Redirect in malformed URLs
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
6.1 (Medium)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17334-17086 | — | ||
| Unresolved product id: 19806-17086 | — |
Known affected
2 products
Known not affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-2 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2024/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2024/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29041 Express.js Open Redirect in malformed URLs - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-29041.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Express.js Open Redirect in malformed URLs",
"tracking": {
"current_release_date": "2026-02-18T02:23:33.000Z",
"generator": {
"date": "2026-02-18T08:30:31.776Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-29041",
"initial_release_date": "2024-03-02T08:00:00.000Z",
"revision_history": [
{
"date": "2024-04-01T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2024-06-30T07:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-02-18T02:23:33.000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Information published."
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 reaper 3.1.1-9",
"product": {
"name": "\u003ccbl2 reaper 3.1.1-9",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "cbl2 reaper 3.1.1-9",
"product": {
"name": "cbl2 reaper 3.1.1-9",
"product_id": "17334"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 reaper 3.1.1-8",
"product": {
"name": "\u003ccbl2 reaper 3.1.1-8",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 reaper 3.1.1-8",
"product": {
"name": "cbl2 reaper 3.1.1-8",
"product_id": "19806"
}
}
],
"category": "product_name",
"name": "reaper"
},
{
"category": "product_name",
"name": "azl3 python-tensorboard 2.16.2-6",
"product": {
"name": "azl3 python-tensorboard 2.16.2-6",
"product_id": "2"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 reaper 3.1.1-9 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 reaper 3.1.1-9 as a component of CBL Mariner 2.0",
"product_id": "17334-17086"
},
"product_reference": "17334",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 reaper 3.1.1-8 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 reaper 3.1.1-8 as a component of CBL Mariner 2.0",
"product_id": "19806-17086"
},
"product_reference": "19806",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python-tensorboard 2.16.2-6 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29041",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17084-2"
]
}
],
"notes": [
{
"category": "general",
"text": "GitHub_M",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"17334-17086",
"19806-17086"
],
"known_affected": [
"17086-3",
"17086-1"
],
"known_not_affected": [
"17084-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29041 Express.js Open Redirect in malformed URLs - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-29041.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-01T00:00:00.000Z",
"details": "3.1.1-9:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-3",
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalsScore": 0.0,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 6.1,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"17086-3",
"17086-1"
]
}
],
"title": "Express.js Open Redirect in malformed URLs"
}
]
}
NCSC-2025-0026
Vulnerability from csaf_ncscnl - Published: 2025-01-22 13:34 - Updated: 2025-01-22 13:34Summary
Kwetsbaarheden verholpen in Oracle JD Edwards
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Oracle heeft kwetsbaarheden verholpen in JD Edwards EnterpriseOne Tools (specifiek voor versies prior tot 9.2.9.2).
Interpretaties: De kwetsbaarheden in Oracle JD Edwards EnterpriseOne Tools stellen ongeauthenticeerde kwaadwillenden in staat om het systeem te compromitteren via HTTP-verzoeken. Dit kan leiden tot ongeautoriseerde toegang tot kritieke gegevens en gegevenswijzigingen.
Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-222: Truncation of Security-relevant Information
CWE-328: Use of Weak Hash
CWE-126: Buffer Over-read
CWE-379: Creation of Temporary File in Directory with Insecure Permissions
CWE-440: Expected Behavior Violation
CWE-1286: Improper Validation of Syntactic Correctness of Input
CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CWE-354: Improper Validation of Integrity Check Value
CWE-552: Files or Directories Accessible to External Parties
CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CWE-400: Uncontrolled Resource Consumption
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-787: Out-of-bounds Write
CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-606: Unchecked Input for Loop Condition
CWE-1322: Use of Blocking Code in Single-threaded, Non-blocking Context
CWE-280: Improper Handling of Insufficient Permissions or Privileges
CWE-754: Improper Check for Unusual or Exceptional Conditions
CWE-325: Missing Cryptographic Step
CWE-125: Out-of-bounds Read
CWE-404: Improper Resource Shutdown or Release
CWE-476: NULL Pointer Dereference
CWE-94: Improper Control of Generation of Code ('Code Injection')
CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-502: Deserialization of Untrusted Data
CWE-122: Heap-based Buffer Overflow
CWE-20: Improper Input Validation
CWE-276: Incorrect Default Permissions
7.5 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_orchestrator
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.7:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_world_security
oracle
|
cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.2:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.2:*:*:*:*:*:*:*
|
— |
7.8 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.2:*:*:*:*:*:*:*
|
— |
CWE-754
- Improper Check for Unusual or Exceptional Conditions
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_orchestrator
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_world_security
oracle
|
cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
6.5 (Medium)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_world_security
oracle
|
cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_orchestrator
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
8.2 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.8.2:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_orchestrator
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_world_security
oracle
|
cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.2:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.7:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.2:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_orchestrator
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_world_security
oracle
|
cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_orchestrator
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_world_security
oracle
|
cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
5.4 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
8.2 (High)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.2:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_orchestrator
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_world_security
oracle
|
cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*
|
— |
8.2 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.2:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.2:*:*:*:*:*:*:*
|
— |
CWE-94
- Improper Control of Generation of Code ('Code Injection')
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.2:*:*:*:*:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.2:*:*:*:*:*:*:*
|
— |
8.2 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.8.2:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_orchestrator
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_world_security
oracle
|
cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.2:*:*:*:*:*:*:*
|
— |
6.5 (Medium)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_orchestrator
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_world_security
oracle
|
cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*
|
— | |
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.2:*:*:*:*:*:*:*
|
— |
5.4 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
6.5 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
6.5 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
6.1 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
6.1 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
5.3 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
8.8 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
4.3 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
6.1 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*
|
— |
6.1 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_tools
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.2:*:*:*:*:*:*:*
|
— |
6.5 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
jd_edwards_enterpriseone_orchestrator
oracle
|
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:prior_to_9.2.9.2:*:*:*:*:*:*:*
|
— |
References
34 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in JD Edwards EnterpriseOne Tools (specifiek voor versies prior tot 9.2.9.2).",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden in Oracle JD Edwards EnterpriseOne Tools stellen ongeauthenticeerde kwaadwillenden in staat om het systeem te compromitteren via HTTP-verzoeken. Dit kan leiden tot ongeautoriseerde toegang tot kritieke gegevens en gegevenswijzigingen.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "general",
"text": "Use of Weak Hash",
"title": "CWE-328"
},
{
"category": "general",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "general",
"text": "Creation of Temporary File in Directory with Insecure Permissions",
"title": "CWE-379"
},
{
"category": "general",
"text": "Expected Behavior Violation",
"title": "CWE-440"
},
{
"category": "general",
"text": "Improper Validation of Syntactic Correctness of Input",
"title": "CWE-1286"
},
{
"category": "general",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
},
{
"category": "general",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
},
{
"category": "general",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "general",
"text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
"title": "CWE-757"
},
{
"category": "general",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "general",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
},
{
"category": "general",
"text": "Use of Blocking Code in Single-threaded, Non-blocking Context",
"title": "CWE-1322"
},
{
"category": "general",
"text": "Improper Handling of Insufficient Permissions or Privileges ",
"title": "CWE-280"
},
{
"category": "general",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "general",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpujan2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle JD Edwards",
"tracking": {
"current_release_date": "2025-01-22T13:34:42.937250Z",
"id": "NCSC-2025-0026",
"initial_release_date": "2025-01-22T13:34:42.937250Z",
"revision_history": [
{
"date": "2025-01-22T13:34:42.937250Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "jd_edwards_enterpriseone_orchestrator",
"product": {
"name": "jd_edwards_enterpriseone_orchestrator",
"product_id": "CSAFPID-266143",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "jd_edwards_enterpriseone_orchestrator",
"product": {
"name": "jd_edwards_enterpriseone_orchestrator",
"product_id": "CSAFPID-1751193",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2.9.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "jd_edwards_enterpriseone_orchestrator",
"product": {
"name": "jd_edwards_enterpriseone_orchestrator",
"product_id": "CSAFPID-1751158",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:prior_to_9.2.9.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "jd_edwards_enterpriseone_tools",
"product": {
"name": "jd_edwards_enterpriseone_tools",
"product_id": "CSAFPID-266526",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "jd_edwards_enterpriseone_tools",
"product": {
"name": "jd_edwards_enterpriseone_tools",
"product_id": "CSAFPID-611382",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "jd_edwards_enterpriseone_tools",
"product": {
"name": "jd_edwards_enterpriseone_tools",
"product_id": "CSAFPID-1751099",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "jd_edwards_enterpriseone_tools",
"product": {
"name": "jd_edwards_enterpriseone_tools",
"product_id": "CSAFPID-1751092",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.9.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "jd_edwards_enterpriseone_tools",
"product": {
"name": "jd_edwards_enterpriseone_tools",
"product_id": "CSAFPID-1650738",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.8.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "jd_edwards_enterpriseone_tools",
"product": {
"name": "jd_edwards_enterpriseone_tools",
"product_id": "CSAFPID-1751123",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "jd_edwards_enterpriseone_tools",
"product": {
"name": "jd_edwards_enterpriseone_tools",
"product_id": "CSAFPID-1751154",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:prior_to_9.2.9.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "jd_edwards_world_security",
"product": {
"name": "jd_edwards_world_security",
"product_id": "CSAFPID-41391",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2976",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"notes": [
{
"category": "other",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "other",
"text": "Creation of Temporary File in Directory with Insecure Permissions",
"title": "CWE-379"
}
],
"product_status": {
"known_affected": [
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-611382",
"CSAFPID-41391",
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-2976",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-611382",
"CSAFPID-41391",
"CSAFPID-1751123"
]
}
],
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-3961",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751154"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-3961",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3961.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751154"
]
}
],
"title": "CVE-2023-3961"
},
{
"cve": "CVE-2023-4091",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"notes": [
{
"category": "other",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
},
{
"category": "other",
"text": "Improper Handling of Insufficient Permissions or Privileges ",
"title": "CWE-280"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751154"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4091",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4091.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751154"
]
}
],
"title": "CVE-2023-4091"
},
{
"cve": "CVE-2023-4782",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751154"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4782",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4782.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751154"
]
}
],
"title": "CVE-2023-4782"
},
{
"cve": "CVE-2023-5678",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "other",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "other",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-41391",
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5678",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5678.json"
}
],
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-6129",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"notes": [
{
"category": "other",
"text": "Use of Weak Hash",
"title": "CWE-328"
},
{
"category": "other",
"text": "Expected Behavior Violation",
"title": "CWE-440"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
}
],
"product_status": {
"known_affected": [
"CSAFPID-41391",
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-6129",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6129.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-41391",
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-1751123"
]
}
],
"title": "CVE-2023-6129"
},
{
"cve": "CVE-2023-38552",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650738",
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-41391",
"CSAFPID-1751154"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-38552",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38552.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650738",
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-41391",
"CSAFPID-1751154"
]
}
],
"title": "CVE-2023-38552"
},
{
"cve": "CVE-2023-39017",
"product_status": {
"known_affected": [
"CSAFPID-611382"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-39017",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39017.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-611382"
]
}
],
"title": "CVE-2023-39017"
},
{
"cve": "CVE-2023-42669",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Use of Blocking Code in Single-threaded, Non-blocking Context",
"title": "CWE-1322"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751154"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-42669",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42669.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751154"
]
}
],
"title": "CVE-2023-42669"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "other",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "other",
"text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
"title": "CWE-757"
},
{
"category": "other",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
}
],
"product_status": {
"known_affected": [
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-41391",
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-48795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-41391",
"CSAFPID-1751123"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2024-0727",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-41391",
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0727",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0727.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-41391",
"CSAFPID-1751123"
]
}
],
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-21245",
"product_status": {
"known_affected": [
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21245",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21245.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751123"
]
}
],
"title": "CVE-2024-21245"
},
{
"cve": "CVE-2024-22019",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751154",
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-41391"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22019",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22019.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751154",
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-41391"
]
}
],
"title": "CVE-2024-22019"
},
{
"cve": "CVE-2024-22020",
"product_status": {
"known_affected": [
"CSAFPID-1751154"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22020",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751154"
]
}
],
"title": "CVE-2024-22020"
},
{
"cve": "CVE-2024-27280",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "other",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "other",
"text": "Buffer Over-read",
"title": "CWE-126"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751154"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27280",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27280.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751154"
]
}
],
"title": "CVE-2024-27280"
},
{
"cve": "CVE-2024-27281",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751154"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27281",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27281.json"
}
],
"title": "CVE-2024-27281"
},
{
"cve": "CVE-2024-27282",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751154"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27282",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27282.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751154"
]
}
],
"title": "CVE-2024-27282"
},
{
"cve": "CVE-2024-27983",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650738",
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-41391",
"CSAFPID-1751154"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27983",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650738",
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-41391",
"CSAFPID-1751154"
]
}
],
"title": "CVE-2024-27983"
},
{
"cve": "CVE-2024-29041",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"notes": [
{
"category": "other",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
},
{
"category": "other",
"text": "Improper Validation of Syntactic Correctness of Input",
"title": "CWE-1286"
}
],
"product_status": {
"known_affected": [
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-41391",
"CSAFPID-1751154"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29041",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29041.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-266143",
"CSAFPID-266526",
"CSAFPID-41391",
"CSAFPID-1751154"
]
}
],
"title": "CVE-2024-29041"
},
{
"cve": "CVE-2025-21507",
"product_status": {
"known_affected": [
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21507",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21507.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751123"
]
}
],
"title": "CVE-2025-21507"
},
{
"cve": "CVE-2025-21508",
"product_status": {
"known_affected": [
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21508",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21508.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751123"
]
}
],
"title": "CVE-2025-21508"
},
{
"cve": "CVE-2025-21509",
"product_status": {
"known_affected": [
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21509",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21509.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751123"
]
}
],
"title": "CVE-2025-21509"
},
{
"cve": "CVE-2025-21510",
"product_status": {
"known_affected": [
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21510",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21510.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751123"
]
}
],
"title": "CVE-2025-21510"
},
{
"cve": "CVE-2025-21511",
"product_status": {
"known_affected": [
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21511",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21511.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751123"
]
}
],
"title": "CVE-2025-21511"
},
{
"cve": "CVE-2025-21512",
"product_status": {
"known_affected": [
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21512",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21512.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751123"
]
}
],
"title": "CVE-2025-21512"
},
{
"cve": "CVE-2025-21513",
"product_status": {
"known_affected": [
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21513",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21513.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751123"
]
}
],
"title": "CVE-2025-21513"
},
{
"cve": "CVE-2025-21514",
"product_status": {
"known_affected": [
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21514",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21514.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751123"
]
}
],
"title": "CVE-2025-21514"
},
{
"cve": "CVE-2025-21515",
"product_status": {
"known_affected": [
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21515",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21515.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751123"
]
}
],
"title": "CVE-2025-21515"
},
{
"cve": "CVE-2025-21517",
"product_status": {
"known_affected": [
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21517",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21517.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751123"
]
}
],
"title": "CVE-2025-21517"
},
{
"cve": "CVE-2025-21524",
"product_status": {
"known_affected": [
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21524",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21524.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751123"
]
}
],
"title": "CVE-2025-21524"
},
{
"cve": "CVE-2025-21527",
"product_status": {
"known_affected": [
"CSAFPID-1751123"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21527",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21527.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751123"
]
}
],
"title": "CVE-2025-21527"
},
{
"cve": "CVE-2025-21538",
"product_status": {
"known_affected": [
"CSAFPID-1751154"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21538",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21538.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751154"
]
}
],
"title": "CVE-2025-21538"
},
{
"cve": "CVE-2025-21552",
"product_status": {
"known_affected": [
"CSAFPID-1751158"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21552",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21552.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751158"
]
}
],
"title": "CVE-2025-21552"
}
]
}
RHEA-2024:7870
Vulnerability from csaf_redhat - Published: 2024-10-09 14:44 - Updated: 2026-04-30 16:20Summary
Red Hat Enhancement Advisory: Red Hat OpenShift Pipelines Operator Bundle 1.16.0 release
Severity
Important
Notes
Topic: Red Hat OpenShift Pipelines 1.16.0 has been released.
Details: Red Hat OpenShift Pipelines is a cloud-native continuous integration and delivery (CI/CD) solution for building pipelines using Tekton. Tekton is a flexible, Kubernetes-native, open-source CI/CD framework which enables automating deployments across multiple platforms such as Kubernetes, Serverless, and VMs by abstracting away the underlying details.
Red Hat OpenShift Pipelines consists of:
- Tekton Operator 0.73.x
- Tekton Pipelines 0.62.x
- Tekton Triggers 0.29.x
- Tekton tkn CLI 0.38.x
- Tekton Chains 0.22.x (GA)
- Pipelines-as-Code 0.28.x (GA)
- ClusterTasks based on Tekton Catalog
- Tekton Hub 1.18.x (TP)
- Tekton Result 0.11.x (TP)
- Manual-Approval-Gate 0.3.x (TP)
## Features
- Standard CI/CD pipelines definition
- Easy to extend and integrate with existing tools
- Portable across any Kubernetes platform
- Designed for microservices and decentralized teams
- Integrated with OpenShift Developer Console
- Build images with Kubernetes tools such as S2I, Buildah, Buildpacks, Kaniko, etc.
- Deploy applications to multiple platforms such as Kubernetes, Serverless, and VMs
- Scale pipelines on-demand
- Enhance supply chain security with Tekton Chains (Technology Preview)
- Install and deploy Tekton Hub (Technology Preview) with custom catalog on enterprise cluster
- Maintain pipelines definitions as parts of an application repository with Pipelines-as-Code (PAC) (General Availability)
For more information, see the Release Notes on any one of the following platforms:
- Customer Portal: https://access.redhat.com/documentation/en-us/red_hat_openshift_pipelines/1.14/html/about_openshift_pipelines/op-release-notes#op-release-notes-1-14_op-release-notes
- OpenShift documentation: https://docs.openshift.com/pipelines/1.14/about/op-release-notes.html#op-release-notes-1-14_op-release-notes
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in ISAACS's node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially crafted request, a remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
6.5 (Medium)
Affected products
Fixed
112 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.
6.1 (Medium)
Affected products
Fixed
112 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.
7.4 (High)
Affected products
Fixed
112 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.
7.5 (High)
Affected products
Fixed
112 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
31 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Pipelines 1.16.0 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Pipelines is a cloud-native continuous integration and delivery (CI/CD) solution for building pipelines using Tekton. Tekton is a flexible, Kubernetes-native, open-source CI/CD framework which enables automating deployments across multiple platforms such as Kubernetes, Serverless, and VMs by abstracting away the underlying details.\n\nRed Hat OpenShift Pipelines consists of:\n\n- Tekton Operator 0.73.x\n- Tekton Pipelines 0.62.x\n- Tekton Triggers 0.29.x\n- Tekton tkn CLI 0.38.x\n- Tekton Chains 0.22.x (GA)\n- Pipelines-as-Code 0.28.x (GA)\n- ClusterTasks based on Tekton Catalog\n- Tekton Hub 1.18.x (TP)\n- Tekton Result 0.11.x (TP)\n- Manual-Approval-Gate 0.3.x (TP)\n\n## Features\n\n- Standard CI/CD pipelines definition\n\n- Easy to extend and integrate with existing tools\n\n- Portable across any Kubernetes platform\n\n- Designed for microservices and decentralized teams\n\n- Integrated with OpenShift Developer Console\n\n- Build images with Kubernetes tools such as S2I, Buildah, Buildpacks, Kaniko, etc.\n\n- Deploy applications to multiple platforms such as Kubernetes, Serverless, and VMs\n\n- Scale pipelines on-demand\n\n- Enhance supply chain security with Tekton Chains (Technology Preview)\n\n- Install and deploy Tekton Hub (Technology Preview) with custom catalog on enterprise cluster\n\n- Maintain pipelines definitions as parts of an application repository with Pipelines-as-Code (PAC) (General Availability)\n\nFor more information, see the Release Notes on any one of the following platforms:\n\n- Customer Portal: https://access.redhat.com/documentation/en-us/red_hat_openshift_pipelines/1.14/html/about_openshift_pipelines/op-release-notes#op-release-notes-1-14_op-release-notes\n\n- OpenShift documentation: https://docs.openshift.com/pipelines/1.14/about/op-release-notes.html#op-release-notes-1-14_op-release-notes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHEA-2024:7870",
"url": "https://access.redhat.com/errata/RHEA-2024:7870"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/4.14/cicd/pipelines/understanding-openshift-pipelines.html",
"url": "https://docs.openshift.com/container-platform/4.14/cicd/pipelines/understanding-openshift-pipelines.html"
},
{
"category": "external",
"summary": "SRVKP-3933",
"url": "https://issues.redhat.com/browse/SRVKP-3933"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhea-2024_7870.json"
}
],
"title": "Red Hat Enhancement Advisory: Red Hat OpenShift Pipelines Operator Bundle 1.16.0 release",
"tracking": {
"current_release_date": "2026-04-30T16:20:15+00:00",
"generator": {
"date": "2026-04-30T16:20:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHEA-2024:7870",
"initial_release_date": "2024-10-09T14:44:53+00:00",
"revision_history": [
{
"date": "2024-10-09T14:44:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-09T14:44:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T16:20:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Pipelines version 1.16 for RHEL 8",
"product": {
"name": "OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Pipelines"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"product": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"product_id": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8\u0026tag=v1.16.0-52"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"product": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"product_id": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-rhel8\u0026tag=v1.16.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.16.0-42"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"product": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"product_id": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-retention-policy-agent-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.16.0-7"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"product": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"product_id": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8\u0026tag=v1.16.0-52"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"product": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"product_id": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-rhel8\u0026tag=v1.16.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.16.0-42"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"product": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"product_id": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-retention-policy-agent-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.16.0-7"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"product_id": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8\u0026tag=v1.16.0-52"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"product_id": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-rhel8\u0026tag=v1.16.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.16.0-42"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"product_id": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-retention-policy-agent-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.16.0-7"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"product": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"product_id": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8\u0026tag=v1.16.0-52"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"product": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"product_id": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-rhel8\u0026tag=v1.16.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.16.0-42"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"product": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"product_id": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-retention-policy-agent-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.16.0-7"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x"
},
"product_reference": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64"
},
"product_reference": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64"
},
"product_reference": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64"
},
"product_reference": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64"
},
"product_reference": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x"
},
"product_reference": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x"
},
"product_reference": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64"
},
"product_reference": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64"
},
"product_reference": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28863",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293200"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ISAACS\u0027s node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially crafted request, a remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-tar: denial of service while parsing a tar file due to lack of folders depth validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28863"
},
{
"category": "external",
"summary": "RHBZ#2293200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28863",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28863"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-tar/security/advisories/GHSA-f5x3-32g6-xq36",
"url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-f5x3-32g6-xq36"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240524-0005/",
"url": "https://security.netapp.com/advisory/ntap-20240524-0005/"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-09T14:44:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2024:7870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-tar: denial of service while parsing a tar file due to lack of folders depth validation"
},
{
"cve": "CVE-2024-29041",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-06-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2290901"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: cause malformed URLs to be evaluated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 only uses express as part of build time development dependency, it is not part of the final product delivery.\n\nUpstream versions should not be relied upon for ultimate determination of affectedness. Red Hat might backport fixes from upstream versions on a case by case basis.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29041"
},
{
"category": "external",
"summary": "RHBZ#2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041"
},
{
"category": "external",
"summary": "https://expressjs.com/en/4x/api.html#res.location",
"url": "https://expressjs.com/en/4x/api.html#res.location"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd",
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94",
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/pull/5539",
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"category": "external",
"summary": "https://github.com/koajs/koa/issues/1800",
"url": "https://github.com/koajs/koa/issues/1800"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-09T14:44:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2024:7870"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "express: cause malformed URLs to be evaluated"
},
{
"cve": "CVE-2024-29180",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270863"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer\u0027s machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack-dev-middleware: lack of URL validation may lead to file leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in webpack-dev represents a important security issue due to its potential to expose sensitive files and compromise developer machines. By failing to validate URLs and normalize paths effectively, the middleware allows attackers to craft malicious requests that can retrieve arbitrary local files or perform unauthorized path traversal. This could lead to unauthorized access to confidential information, including source code, configuration files, and even system-level files. Given the widespread use of webpack-dev-middleware in web development environments, addressing this vulnerability promptly is important to prevent serious data breaches and protect the integrity of development processes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29180"
},
{
"category": "external",
"summary": "RHBZ#2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6",
"url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-09T14:44:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2024:7870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "webpack-dev-middleware: lack of URL validation may lead to file leak"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-09T14:44:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2024:7870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
}
]
}
RHSA-2024:3868
Vulnerability from csaf_redhat - Published: 2024-06-17 00:43 - Updated: 2026-05-31 08:36Summary
Red Hat Security Advisory: Network Observability 1.6.0 for OpenShift
Severity
Important
Notes
Topic: Network Observability 1.6 for Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Network Observability 1.6.0
Security Fix(es):
* CVE-2024-29180 webpack-dev-middleware: lack of URL validation may lead to file leak
* CVE-2024-24786 golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON
* CVE-2023-42282 nodejs-ip: arbitrary code execution via the isPublic() function
* CVE-2023-39326 golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests
* CVE-2024-28849 follow-redirects: Possible credential leak
* CVE-2024-24783 golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
* CVE-2023-45289 golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect
* CVE-2023-45290 golang: net/http: memory exhaustion in Request.ParseMultipartForm
* CVE-2024-24785 golang: html/template: errors returned from MarshalJSON methods may break template escaping
* CVE-2024-29041 express: cause malformed URLs to be evaluated [noo-1]
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body (up to 1GiB), causing the receiver to fail reading the response, possibly leading to a Denial of Service (DoS).
5.3 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in the NPM IP Package. This flaw allows an attacker to perform arbitrary code execution and obtain sensitive information via the isPublic() function by inducing a Server-Side Request Forgery (SSRF) attack and obtaining access to normally inaccessible resources.
9.8 (Critical)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in Go's net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
5.3 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was discovered in Go's net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.
5.3 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.
5.9 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Go's html/template standard library package. If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing subsequent actions to inject unexpected content into templates.
6.5 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.
5.9 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in the follow-redirects package. While processing the cross-domain redirection, `follow-redirects` clears authorization headers, however, it misses clearing proxy-authentication headers, which contain credentials as well. This issue may lead to credential leaking, having a high impact on data confidentiality.
6.5 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.
6.1 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.
7.4 (High)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
93 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Network Observability 1.6 for Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Network Observability 1.6.0\n\nSecurity Fix(es):\n\n* CVE-2024-29180 webpack-dev-middleware: lack of URL validation may lead to file leak\n* CVE-2024-24786 golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON\n* CVE-2023-42282 nodejs-ip: arbitrary code execution via the isPublic() function\n* CVE-2023-39326 golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests\n* CVE-2024-28849 follow-redirects: Possible credential leak\n* CVE-2024-24783 golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm\n* CVE-2023-45289 golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect\n* CVE-2023-45290 golang: net/http: memory exhaustion in Request.ParseMultipartForm\n* CVE-2024-24785 golang: html/template: errors returned from MarshalJSON methods may break template escaping\n* CVE-2024-29041 express: cause malformed URLs to be evaluated [noo-1]\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:3868",
"url": "https://access.redhat.com/errata/RHSA-2024:3868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2253330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253330"
},
{
"category": "external",
"summary": "2265161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265161"
},
{
"category": "external",
"summary": "2268017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268017"
},
{
"category": "external",
"summary": "2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "2268019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268019"
},
{
"category": "external",
"summary": "2268022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268022"
},
{
"category": "external",
"summary": "2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "2269576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269576"
},
{
"category": "external",
"summary": "2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "external",
"summary": "NETOBSERV-1279",
"url": "https://issues.redhat.com/browse/NETOBSERV-1279"
},
{
"category": "external",
"summary": "NETOBSERV-1408",
"url": "https://issues.redhat.com/browse/NETOBSERV-1408"
},
{
"category": "external",
"summary": "NETOBSERV-1424",
"url": "https://issues.redhat.com/browse/NETOBSERV-1424"
},
{
"category": "external",
"summary": "NETOBSERV-1453",
"url": "https://issues.redhat.com/browse/NETOBSERV-1453"
},
{
"category": "external",
"summary": "NETOBSERV-1459",
"url": "https://issues.redhat.com/browse/NETOBSERV-1459"
},
{
"category": "external",
"summary": "NETOBSERV-1462",
"url": "https://issues.redhat.com/browse/NETOBSERV-1462"
},
{
"category": "external",
"summary": "NETOBSERV-1544",
"url": "https://issues.redhat.com/browse/NETOBSERV-1544"
},
{
"category": "external",
"summary": "NETOBSERV-1598",
"url": "https://issues.redhat.com/browse/NETOBSERV-1598"
},
{
"category": "external",
"summary": "NETOBSERV-1606",
"url": "https://issues.redhat.com/browse/NETOBSERV-1606"
},
{
"category": "external",
"summary": "NETOBSERV-1607",
"url": "https://issues.redhat.com/browse/NETOBSERV-1607"
},
{
"category": "external",
"summary": "NETOBSERV-1621",
"url": "https://issues.redhat.com/browse/NETOBSERV-1621"
},
{
"category": "external",
"summary": "NETOBSERV-1630",
"url": "https://issues.redhat.com/browse/NETOBSERV-1630"
},
{
"category": "external",
"summary": "NETOBSERV-1647",
"url": "https://issues.redhat.com/browse/NETOBSERV-1647"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3868.json"
}
],
"title": "Red Hat Security Advisory: Network Observability 1.6.0 for OpenShift",
"tracking": {
"current_release_date": "2026-05-31T08:36:54+00:00",
"generator": {
"date": "2026-05-31T08:36:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:3868",
"initial_release_date": "2024-06-17T00:43:37+00:00",
"revision_history": [
{
"date": "2024-06-17T00:43:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-06-17T00:43:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-31T08:36:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "NETOBSERV 1.6 for RHEL 9",
"product": {
"name": "NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_observ_optr:1.6.0::el9"
}
}
}
],
"category": "product_family",
"name": "Network Observability"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"product_id": "network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.6.0-78"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.6.0-66"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"product_id": "network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.6.0-78"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.6.0-66"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"product_id": "network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.6.0-78"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.6.0-66"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.6.0-66"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"product_id": "network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.6.0-78"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.6.0-66"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64 as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64 as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64 as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64 as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64 as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64 as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64 as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64 as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64 as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64 as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64 as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64 as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le as a component of NETOBSERV 1.6 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39326",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2253330"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body (up to 1GiB), causing the receiver to fail reading the response, possibly leading to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39326"
},
{
"category": "external",
"summary": "RHBZ#2253330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39326",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39326"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2382",
"url": "https://pkg.go.dev/vuln/GO-2023-2382"
}
],
"release_date": "2023-12-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-17T00:43:37+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3868"
},
{
"category": "workaround",
"details": "No mitigation is available for this flaw.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests"
},
{
"cve": "CVE-2023-42282",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2265161"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the NPM IP Package. This flaw allows an attacker to perform arbitrary code execution and obtain sensitive information via the isPublic() function by inducing a Server-Side Request Forgery (SSRF) attack and obtaining access to normally inaccessible resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ip: arbitrary code execution via the isPublic() function",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "It appears that npm does not utilize the bundled code therefore Red Hat Enterprise Linux is not affected by this vulnerability.\n\nWhile the vulnerability in the NPM IP Package presents a significant security concern, it\u0027s categorized as important rather than critical due to several factors. Firstly, the misclassification of the private IP address 0x7f.1 as public by the isPublic() function does not directly lead to remote code execution or unauthorized access to critical systems. Instead, it facilitates SSRF attacks, which typically require additional conditions to fully exploit, such as the ability to influence server-side requests and responses. Additionally, the impact of SSRF attacks can vary depending on the specific environment and configuration of the affected system. While SSRF attacks can potentially lead to data exposure, service disruption, or lateral movement within a network, their severity is often mitigated by factors such as network segmentation, access controls, and the availability of sensitive resources.\n\nRed Hat Developer Hub contains a fix in 1.1-91 version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-42282"
},
{
"category": "external",
"summary": "RHBZ#2265161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265161"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-42282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-42282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42282"
},
{
"category": "external",
"summary": "https://cosmosofcyberspace.github.io/npm_ip_cve/npm_ip_cve.html",
"url": "https://cosmosofcyberspace.github.io/npm_ip_cve/npm_ip_cve.html"
}
],
"release_date": "2024-02-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-17T00:43:37+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3868"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs-ip: arbitrary code execution via the isPublic() function"
},
{
"cve": "CVE-2023-45289",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45289"
},
{
"category": "external",
"summary": "RHBZ#2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-17T00:43:37+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3868"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect"
},
{
"cve": "CVE-2023-45290",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268017"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Go\u0027s net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45290"
},
{
"category": "external",
"summary": "RHBZ#2268017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268017"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://go.dev/cl/569341",
"url": "https://go.dev/cl/569341"
},
{
"category": "external",
"summary": "https://go.dev/issue/65383",
"url": "https://go.dev/issue/65383"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2599",
"url": "https://pkg.go.dev/vuln/GO-2024-2599"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0004",
"url": "https://security.netapp.com/advisory/ntap-20240329-0004"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-17T00:43:37+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3868"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm"
},
{
"cve": "CVE-2024-24783",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268019"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24783"
},
{
"category": "external",
"summary": "RHBZ#2268019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp",
"url": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp"
},
{
"category": "external",
"summary": "https://go.dev/cl/569339",
"url": "https://go.dev/cl/569339"
},
{
"category": "external",
"summary": "https://go.dev/issue/65390",
"url": "https://go.dev/issue/65390"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2598",
"url": "https://pkg.go.dev/vuln/GO-2024-2598"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0005",
"url": "https://security.netapp.com/advisory/ntap-20240329-0005"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-17T00:43:37+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3868"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm"
},
{
"cve": "CVE-2024-24785",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s html/template standard library package. If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing subsequent actions to inject unexpected content into templates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: errors returned from MarshalJSON methods may break template escaping",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24785"
},
{
"category": "external",
"summary": "RHBZ#2268022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24785"
},
{
"category": "external",
"summary": "https://go.dev/cl/564196",
"url": "https://go.dev/cl/564196"
},
{
"category": "external",
"summary": "https://go.dev/issue/65697",
"url": "https://go.dev/issue/65697"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2024-2610.json",
"url": "https://vuln.go.dev/ID/GO-2024-2610.json"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-17T00:43:37+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3868"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: errors returned from MarshalJSON methods may break template escaping"
},
{
"cve": "CVE-2024-24786",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268046"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24786"
},
{
"category": "external",
"summary": "RHBZ#2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"category": "external",
"summary": "https://go.dev/cl/569356",
"url": "https://go.dev/cl/569356"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
"url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2611",
"url": "https://pkg.go.dev/vuln/GO-2024-2611"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-17T00:43:37+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3868"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
},
{
"cve": "CVE-2024-28849",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-03-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2269576"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the follow-redirects package. While processing the cross-domain redirection, `follow-redirects` clears authorization headers, however, it misses clearing proxy-authentication headers, which contain credentials as well. This issue may lead to credential leaking, having a high impact on data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: Possible credential leak",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28849"
},
{
"category": "external",
"summary": "RHBZ#2269576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269576"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28849",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28849"
},
{
"category": "external",
"summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp",
"url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp"
}
],
"release_date": "2024-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-17T00:43:37+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3868"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "follow-redirects: Possible credential leak"
},
{
"cve": "CVE-2024-29041",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-06-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2290901"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: cause malformed URLs to be evaluated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 only uses express as part of build time development dependency, it is not part of the final product delivery.\n\nUpstream versions should not be relied upon for ultimate determination of affectedness. Red Hat might backport fixes from upstream versions on a case by case basis.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29041"
},
{
"category": "external",
"summary": "RHBZ#2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041"
},
{
"category": "external",
"summary": "https://expressjs.com/en/4x/api.html#res.location",
"url": "https://expressjs.com/en/4x/api.html#res.location"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd",
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94",
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/pull/5539",
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"category": "external",
"summary": "https://github.com/koajs/koa/issues/1800",
"url": "https://github.com/koajs/koa/issues/1800"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-17T00:43:37+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3868"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "express: cause malformed URLs to be evaluated"
},
{
"cve": "CVE-2024-29180",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270863"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer\u0027s machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack-dev-middleware: lack of URL validation may lead to file leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in webpack-dev represents a important security issue due to its potential to expose sensitive files and compromise developer machines. By failing to validate URLs and normalize paths effectively, the middleware allows attackers to craft malicious requests that can retrieve arbitrary local files or perform unauthorized path traversal. This could lead to unauthorized access to confidential information, including source code, configuration files, and even system-level files. Given the widespread use of webpack-dev-middleware in web development environments, addressing this vulnerability promptly is important to prevent serious data breaches and protect the integrity of development processes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29180"
},
{
"category": "external",
"summary": "RHBZ#2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6",
"url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-17T00:43:37+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3868"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:2791f24b0410092f1f87ff0cc37b0b17f149b20446d755995c4fc5fb2f937f15_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:798960bd10c9b7f5b688b605e50e01087361eafcc0c844394fc7762f3ca88443_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b4859faa6fb6d2a2e28100004d3daca28c7be7501aaffa92113093083de32728_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-cli-rhel9@sha256:b6588b788130d3a04d02778684aff2ce895e329115929416d9c006e2b1a86982_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:1ced6f1518fc53dfd52df9e2e823b120713eb0c894c55a5cc8925e781e2cf6cc_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:3f651994af1446e77a82b9d09786312c15d81b167766989889d3e13d365ea483_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:42a46f4b81016b1f9ad0532dc0e79286feaf6c1a764ee227d4b77b1607b90f91_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-console-plugin-rhel9@sha256:dc8d6de0a66d862bdadcfe32ead8c5f70466d40877d58fdb3de05aa703660d65_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:917b0c08532d6014acfa9b21fdb8db5d4980353151527ad0af6ec196884233bf_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:946b8f7d232509a056c8cddb800f4c8101dca3bbc4287f86369432ed76062b5b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d67320b31e2a18b6d375ced73ec075e9057bf2273246f8fe0e82172a44c1d0f7_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:f8e75d101cee6a6f28a43daeb9f72a32e81968228ca424c7ee9cd68c31d7c40d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:09c7ec9405783b3a70876a17e5c498c508ee93dc44c2a2de3ec4daabba4995ea_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2405a8a51271fb13c5a716824540b4ae5e0cdf9af62ae7257f9686ae31c853f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:73cc801e1b025728d6a08840af59b5d156cb0d6c75104f4a4a896b37cb28373b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9ddb62d832e7882c6279a5708a53f5d04c5b0736ee06159dfb82d7d1b7622b59_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:1eab84f961377b696cf46a8cddde4822949f78bedaea798140d79e59e7b646f9_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:30868483bc25d1a7c280f05ef84659e390b568422b205fffe12c3e15d8272c92_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:d935dbd477a42f9c7f48a7fd23a6390ec7cdc536a58c75782ef2bf771ff5e688_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-operator-bundle@sha256:e8f0fb2d6325764bff266705e8320a3b7a6d23370b4710b46231d4e675ccfe7b_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:21c63e737590cb3f976549b46b8f5f20e305c3ea0621549aa6d727e0df3c7726_s390x",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:42b904be06a7a546ee0edbfbb3bfa5007734db1ab4dddb599ba92c334e0f2c43_amd64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:63ac578a124ee0d2b728e95290b0b9f67b714e3663e90eb7a99fd5ca29c47008_arm64",
"9Base-NETWORK-OBSERVABILITY-1.6.0:network-observability/network-observability-rhel9-operator@sha256:a38349c1375821d057f63f4f7f5f4ff454e0a7d32a5dd3889d0fc7f1dd2b1f41_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "webpack-dev-middleware: lack of URL validation may lead to file leak"
}
]
}
RHSA-2024:4873
Vulnerability from csaf_redhat - Published: 2024-07-25 15:04 - Updated: 2026-04-30 13:15Summary
Red Hat Security Advisory: Apicurio Registry (container images) release and security update [ 2.6.1 GA ]
Severity
Important
Notes
Topic: An update to the images for Red Hat build of Apicurio Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of Red Hat build of Apicurio Registry 2.6.1 GA includes the following security fixes.
Security Fix(es):
* webpack-dev-middleware: lack of URL validation may lead to file leak [rhint-serv-2] (CVE-2024-29180)
* express: cause malformed URLs to be evaluated [rhint-serv-2](CVE-2024-29041)
* jetty: stop accepting new connections from valid clients [rhint-serv-2] (CVE-2024-22201)
* jose4j: denial of service via specially crafted JWE [rhint-serv-2] (CVE-2023-51775)
* quarkus-core: Leak of local configuration properties into Quarkus applications [rhint-serv-2] (CVE-2024-2700)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apicurio Registry 2.6.1 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:apicurio_registry:2.6
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application's build, therefore, running the resulting application inherits the values captured at build time. Some local environment variables may have been set by the developer or CI environment for testing purposes, such as dropping the database during application startup or trusting all TLS certificates to accept self-signed certificates. If these properties are configured using environment variables or the .env facility, they are captured into the built application, which can lead to dangerous behavior if the application does not override these values. This behavior only happens for configuration properties from the `quarkus.*` namespace. Application-specific properties are not captured.
7.0 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apicurio Registry 2.6.1 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:apicurio_registry:2.6
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Jetty, a Java based web server and servlet engine. If an HTTP/2 connection gets TCP congested, it remains open and idle, and connections may be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apicurio Registry 2.6.1 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:apicurio_registry:2.6
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.
6.1 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apicurio Registry 2.6.1 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:apicurio_registry:2.6
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apicurio Registry 2.6.1 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:apicurio_registry:2.6
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update to the images for Red Hat build of Apicurio Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Apicurio Registry 2.6.1 GA includes the following security fixes.\n\nSecurity Fix(es):\n\n* webpack-dev-middleware: lack of URL validation may lead to file leak [rhint-serv-2] (CVE-2024-29180)\n\n* express: cause malformed URLs to be evaluated [rhint-serv-2](CVE-2024-29041)\n\n* jetty: stop accepting new connections from valid clients [rhint-serv-2] (CVE-2024-22201)\n\n* jose4j: denial of service via specially crafted JWE [rhint-serv-2] (CVE-2023-51775)\n\n* quarkus-core: Leak of local configuration properties into Quarkus applications [rhint-serv-2] (CVE-2024-2700)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:4873",
"url": "https://access.redhat.com/errata/RHSA-2024:4873"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2266136",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266136"
},
{
"category": "external",
"summary": "2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "2273281",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273281"
},
{
"category": "external",
"summary": "2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4873.json"
}
],
"title": "Red Hat Security Advisory: Apicurio Registry (container images) release and security update [ 2.6.1 GA ]",
"tracking": {
"current_release_date": "2026-04-30T13:15:55+00:00",
"generator": {
"date": "2026-04-30T13:15:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2024:4873",
"initial_release_date": "2024-07-25T15:04:49+00:00",
"revision_history": [
{
"date": "2024-07-25T15:04:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-07-25T15:04:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T13:15:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Apicurio Registry 2.6.1 GA",
"product": {
"name": "Red Hat build of Apicurio Registry 2.6.1 GA",
"product_id": "Red Hat build of Apicurio Registry 2.6.1 GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:apicurio_registry:2.6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-51775",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2266921"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: denial of service via specially crafted JWE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in the jose4j library, where the \"p2c\" parameter in PBKDF2-based JWE key management algorithms can be manipulated to induce high computational consumption, is classified as moderate severity due to its potential impact on service availability and resource exhaustion. By setting a large value for \"p2c\", an attacker can force the server to perform an excessive number of PBKDF2 iterations during key derivation. This results in increased CPU and memory usage, potentially leading to degraded performance or temporary denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-51775"
},
{
"category": "external",
"summary": "RHBZ#2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775"
}
],
"release_date": "2024-02-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-25T15:04:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4873"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose4j: denial of service via specially crafted JWE"
},
{
"cve": "CVE-2024-2700",
"cwe": {
"id": "CWE-526",
"name": "Cleartext Storage of Sensitive Information in an Environment Variable"
},
"discovery_date": "2024-04-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2273281"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application\u0027s build, therefore, running the resulting application inherits the values captured at build time. Some local environment variables may have been set by the developer or CI environment for testing purposes, such as dropping the database during application startup or trusting all TLS certificates to accept self-signed certificates. If these properties are configured using environment variables or the .env facility, they are captured into the built application, which can lead to dangerous behavior if the application does not override these values. This behavior only happens for configuration properties from the `quarkus.*` namespace. Application-specific properties are not captured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quarkus-core: Leak of local configuration properties into Quarkus applications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Moderate impact vulnerability since this requires an attacker to have direct access to the environment variables to override, and the application must use that environment variable to be jeopardized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-2700"
},
{
"category": "external",
"summary": "RHBZ#2273281",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273281"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-2700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2700"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2700",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2700"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-25T15:04:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4873"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability. Please update as the patches become available.",
"product_ids": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "quarkus-core: Leak of local configuration properties into Quarkus applications"
},
{
"cve": "CVE-2024-22201",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2266136"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty, a Java based web server and servlet engine. If an HTTP/2 connection gets TCP congested, it remains open and idle, and connections may be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: stop accepting new connections from valid clients",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The issue in Jetty where HTTP/2 connections can enter a congested, idle state and potentially exhaust server file descriptors represents a moderate severity due to its impact on system resources and service availability. While the vulnerability requires the deliberate creation of numerous congested connections by an attacker, its exploitation can lead to denial-of-service conditions by consuming all available file descriptors. This scenario could disrupt legitimate client connections and impair server responsiveness.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-22201"
},
{
"category": "external",
"summary": "RHBZ#2266136",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266136"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/issues/11256",
"url": "https://github.com/jetty/jetty.project/issues/11256"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98"
}
],
"release_date": "2024-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-25T15:04:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4873"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty: stop accepting new connections from valid clients"
},
{
"cve": "CVE-2024-29041",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-06-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2290901"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: cause malformed URLs to be evaluated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 only uses express as part of build time development dependency, it is not part of the final product delivery.\n\nUpstream versions should not be relied upon for ultimate determination of affectedness. Red Hat might backport fixes from upstream versions on a case by case basis.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29041"
},
{
"category": "external",
"summary": "RHBZ#2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041"
},
{
"category": "external",
"summary": "https://expressjs.com/en/4x/api.html#res.location",
"url": "https://expressjs.com/en/4x/api.html#res.location"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd",
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94",
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/pull/5539",
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"category": "external",
"summary": "https://github.com/koajs/koa/issues/1800",
"url": "https://github.com/koajs/koa/issues/1800"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-25T15:04:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4873"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "express: cause malformed URLs to be evaluated"
},
{
"cve": "CVE-2024-29180",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270863"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer\u0027s machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack-dev-middleware: lack of URL validation may lead to file leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in webpack-dev represents a important security issue due to its potential to expose sensitive files and compromise developer machines. By failing to validate URLs and normalize paths effectively, the middleware allows attackers to craft malicious requests that can retrieve arbitrary local files or perform unauthorized path traversal. This could lead to unauthorized access to confidential information, including source code, configuration files, and even system-level files. Given the widespread use of webpack-dev-middleware in web development environments, addressing this vulnerability promptly is important to prevent serious data breaches and protect the integrity of development processes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29180"
},
{
"category": "external",
"summary": "RHBZ#2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6",
"url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-25T15:04:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4873"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apicurio Registry 2.6.1 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "webpack-dev-middleware: lack of URL validation may lead to file leak"
}
]
}
RHSA-2024:6211
Vulnerability from csaf_redhat - Published: 2024-09-03 10:05 - Updated: 2026-04-30 16:24Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.1 security update
Severity
Important
Notes
Topic: Red Hat OpenShift Service Mesh Containers for 2.6.1
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details: Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* axios: Server-Side Request Forgery (CVE-2024-39338)
* express: cause malformed URLs to be evaluated (CVE-2024-29041)
* micromatch: vulnerable to Regular Expression Denial of Service (CVE-2024-4067)
* braces: fails to limit the number of characters it can handle (CVE-2024-4068)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the NPM package `micromatch` where it is vulnerable to a regular expression denial of service (ReDoS). The issue occurs in `micromatch.braces()` in `index.js` because the pattern `.*` will readily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the input while it doesn't find the closing bracket. As the input size increases, the consumption time will also increase until it causes the application to hang or slow down. There was a merged fix but further testing shows the issue persists. This issue should be mitigated by using a safe pattern that won't start backtracking the regular expression due to greedy matching.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.
6.1 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.6.1\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* axios: Server-Side Request Forgery (CVE-2024-39338)\n* express: cause malformed URLs to be evaluated (CVE-2024-29041)\n* micromatch: vulnerable to Regular Expression Denial of Service (CVE-2024-4067)\n* braces: fails to limit the number of characters it can handle (CVE-2024-4068)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6211",
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "OSSM-6857",
"url": "https://issues.redhat.com/browse/OSSM-6857"
},
{
"category": "external",
"summary": "OSSM-8006",
"url": "https://issues.redhat.com/browse/OSSM-8006"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6211.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.1 security update",
"tracking": {
"current_release_date": "2026-04-30T16:24:03+00:00",
"generator": {
"date": "2026-04-30T16:24:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2024:6211",
"initial_release_date": "2024-09-03T10:05:20+00:00",
"revision_history": [
{
"date": "2024-09-03T10:05:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-03T10:05:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T16:24:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 8",
"product": {
"name": "RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el8"
}
}
},
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 9",
"product": {
"name": "RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.1-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.1-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.1-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.1-6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.1-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.1-6"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.1-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.1-6"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-4067",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280601"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `micromatch` where it is vulnerable to a regular expression denial of service (ReDoS). The issue occurs in `micromatch.braces()` in `index.js` because the pattern `.*` will readily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the input while it doesn\u0027t find the closing bracket. As the input size increases, the consumption time will also increase until it causes the application to hang or slow down. There was a merged fix but further testing shows the issue persists. This issue should be mitigated by using a safe pattern that won\u0027t start backtracking the regular expression due to greedy matching.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "micromatch: vulnerable to Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4067"
},
{
"category": "external",
"summary": "RHBZ#2280601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4067",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4067"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4067/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4067/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/micromatch/blob/2c56a8604b68c1099e7bc0f807ce0865a339747a/index.js#L448",
"url": "https://github.com/micromatch/micromatch/blob/2c56a8604b68c1099e7bc0f807ce0865a339747a/index.js#L448"
},
{
"category": "external",
"summary": "https://github.com/micromatch/micromatch/issues/243",
"url": "https://github.com/micromatch/micromatch/issues/243"
},
{
"category": "external",
"summary": "https://github.com/micromatch/micromatch/pull/247",
"url": "https://github.com/micromatch/micromatch/pull/247"
}
],
"release_date": "2023-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:20+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "micromatch: vulnerable to Regular Expression Denial of Service"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:20+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
},
{
"cve": "CVE-2024-29041",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-06-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2290901"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: cause malformed URLs to be evaluated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 only uses express as part of build time development dependency, it is not part of the final product delivery.\n\nUpstream versions should not be relied upon for ultimate determination of affectedness. Red Hat might backport fixes from upstream versions on a case by case basis.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29041"
},
{
"category": "external",
"summary": "RHBZ#2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041"
},
{
"category": "external",
"summary": "https://expressjs.com/en/4x/api.html#res.location",
"url": "https://expressjs.com/en/4x/api.html#res.location"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd",
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94",
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/pull/5539",
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"category": "external",
"summary": "https://github.com/koajs/koa/issues/1800",
"url": "https://github.com/koajs/koa/issues/1800"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:20+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "express: cause malformed URLs to be evaluated"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:20+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
}
]
}
RHSA-2024:7164
Vulnerability from csaf_redhat - Published: 2024-09-26 03:46 - Updated: 2026-05-28 20:33Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.4 security and bug fix update
Severity
Important
Notes
Topic: The Migration Toolkit for Containers (MTC) 1.8.4 is now available.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details: The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es) from Bugzilla:
* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
* webpack-dev-middleware: lack of URL validation may lead to file leak (CVE-2024-29180)
* express: cause malformed URLs to be evaluated (CVE-2024-29041)
* axios: axios: Server-Side Request Forgery (CVE-2024-39338)
* golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect (CVE-2023-45289)
* jose-go: improper handling of highly compressed data (CVE-2024-28180)
* follow-redirects: Possible credential leak (CVE-2024-28849)
* moby: external DNS requests from 'internal' networks could lead to data exfiltration (CVE-2024-29018)
* containers/image: digest type does not guarantee valid type (CVE-2024-3727)
* golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)
* braces: fails to limit the number of characters it can handle (CVE-2024-4068)
* node-tar: denial of service while parsing a tar file due to lack of folders depth validation (CVE-2024-28863)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the gin-gonic CORS middleware. Affected versions of this package are vulnerable to an Origin Validation Error due to the mishandling of wildcard characters at the end of an origin string. This flaw could allow an attacker to bypass intended CORS restrictions by crafting origin strings that exploit this wildcard handling.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go's net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
8.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Threats
Impact
Moderate
A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.
4.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in the follow-redirects package. While processing the cross-domain redirection, `follow-redirects` clears authorization headers, however, it misses clearing proxy-authentication headers, which contain credentials as well. This issue may lead to credential leaking, having a high impact on data confidentiality.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Threats
Impact
Moderate
A flaw was found in ISAACS's node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially crafted request, a remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Threats
Impact
Moderate
A vulnerability was found in Moby due to excessive data output in external DNS requests from "internal" networks, enabling unauthorized access to sensitive system information by remote attackers. This flaw allows attackers to gain access to sensitive information by exploiting incorrect resource transfer between spheres through specially crafted requests.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Threats
Impact
Moderate
A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.
6.1 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Important
A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Important
References
103 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The Migration Toolkit for Containers (MTC) 1.8.4 is now available.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es) from Bugzilla:\n\n* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)\n\n* webpack-dev-middleware: lack of URL validation may lead to file leak (CVE-2024-29180)\n\n* express: cause malformed URLs to be evaluated (CVE-2024-29041)\n\n* axios: axios: Server-Side Request Forgery (CVE-2024-39338)\n\n* golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect (CVE-2023-45289)\n\n* jose-go: improper handling of highly compressed data (CVE-2024-28180)\n\n* follow-redirects: Possible credential leak (CVE-2024-28849)\n\n* moby: external DNS requests from \u0027internal\u0027 networks could lead to data exfiltration (CVE-2024-29018)\n\n* containers/image: digest type does not guarantee valid type (CVE-2024-3727)\n\n* golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)\n\n* braces: fails to limit the number of characters it can handle (CVE-2024-4068)\n\n* node-tar: denial of service while parsing a tar file due to lack of folders depth validation (CVE-2024-28863)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7164",
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "2268854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854"
},
{
"category": "external",
"summary": "2269576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269576"
},
{
"category": "external",
"summary": "2270591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270591"
},
{
"category": "external",
"summary": "2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "2274767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274767"
},
{
"category": "external",
"summary": "2279814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814"
},
{
"category": "external",
"summary": "2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "external",
"summary": "2293200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293200"
},
{
"category": "external",
"summary": "2295302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295302"
},
{
"category": "external",
"summary": "2299624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299624"
},
{
"category": "external",
"summary": "2299625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299625"
},
{
"category": "external",
"summary": "2299628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299628"
},
{
"category": "external",
"summary": "2299668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299668"
},
{
"category": "external",
"summary": "MIG-1592",
"url": "https://issues.redhat.com/browse/MIG-1592"
},
{
"category": "external",
"summary": "MIG-1593",
"url": "https://issues.redhat.com/browse/MIG-1593"
},
{
"category": "external",
"summary": "MIG-1598",
"url": "https://issues.redhat.com/browse/MIG-1598"
},
{
"category": "external",
"summary": "MIG-1610",
"url": "https://issues.redhat.com/browse/MIG-1610"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7164.json"
}
],
"title": "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.4 security and bug fix update",
"tracking": {
"current_release_date": "2026-05-28T20:33:38+00:00",
"generator": {
"date": "2026-05-28T20:33:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:7164",
"initial_release_date": "2024-09-26T03:46:53+00:00",
"revision_history": [
{
"date": "2024-09-26T03:46:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-26T03:46:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T20:33:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-RHMTC-1.8",
"product": {
"name": "8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhmt:1.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Migration Toolkit"
},
{
"branches": [
{
"category": "product_version",
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"product": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"product_id": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8\u0026tag=v1.8.4-22"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"product": {
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"product_id": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-hook-runner-rhel8\u0026tag=v1.8.4-8"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"product": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"product_id": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8\u0026tag=v1.8.4-10"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"product": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"product_id": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8\u0026tag=v1.8.4-16"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"product": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"product_id": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-openvpn-rhel8\u0026tag=v1.8.4-10"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"product": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"product_id": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator\u0026tag=v1.8.4-16"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"product": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"product_id": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle\u0026tag=v1.8.4-33"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"product": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"product_id": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8\u0026tag=v1.8.4-11"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"product": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"product_id": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8\u0026tag=v1.8.4-9"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"product": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"product_id": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8\u0026tag=v1.8.4-10"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8\u0026tag=v1.8.4-9"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
},
"product_reference": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64"
},
"product_reference": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64"
},
"product_reference": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64"
},
"product_reference": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64"
},
"product_reference": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64"
},
"product_reference": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
},
"product_reference": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64"
},
"product_reference": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64"
},
"product_reference": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
},
"product_reference": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-25211",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2024-07-02T21:00:45+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295302"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the gin-gonic CORS middleware. Affected versions of this package are vulnerable to an Origin Validation Error due to the mishandling of wildcard characters at the end of an origin string. This flaw could allow an attacker to bypass intended CORS restrictions by crafting origin strings that exploit this wildcard handling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/gin-contrib/cors: Gin mishandles a wildcard in the origin string in github.com/gin-contrib/cors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-25211"
},
{
"category": "external",
"summary": "RHBZ#2295302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295302"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-25211",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25211"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25211",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25211"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-869c-j7wc-8jqv",
"url": "https://github.com/advisories/GHSA-869c-j7wc-8jqv"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/commit/27b723a473efd80d5a498fa9f5933c80204c850d",
"url": "https://github.com/gin-contrib/cors/commit/27b723a473efd80d5a498fa9f5933c80204c850d"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/compare/v1.5.0...v1.6.0",
"url": "https://github.com/gin-contrib/cors/compare/v1.5.0...v1.6.0"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/pull/106",
"url": "https://github.com/gin-contrib/cors/pull/106"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/pull/57",
"url": "https://github.com/gin-contrib/cors/pull/57"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/releases/tag/v1.6.0",
"url": "https://github.com/gin-contrib/cors/releases/tag/v1.6.0"
}
],
"release_date": "2024-07-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/gin-contrib/cors: Gin mishandles a wildcard in the origin string in github.com/gin-contrib/cors"
},
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
},
{
"cve": "CVE-2023-45289",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45289"
},
{
"category": "external",
"summary": "RHBZ#2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect"
},
{
"cve": "CVE-2024-3727",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"discovery_date": "2024-04-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2274767"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "containers/image: digest type does not guarantee valid type",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Some conditions are necessary for this attack to occur, such as the attacker being able to upload malicious images to the registry and persuade a victim to pull them. Hence, the severity of this flaw was rated as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-3727"
},
{
"category": "external",
"summary": "RHBZ#2274767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274767"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-3727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-3727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3727"
}
],
"release_date": "2024-05-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "containers/image: digest type does not guarantee valid type"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
},
{
"cve": "CVE-2024-24788",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-05-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2279814"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: malformed DNS message can cause infinite loop",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24788"
},
{
"category": "external",
"summary": "RHBZ#2279814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2824",
"url": "https://pkg.go.dev/vuln/GO-2024-2824"
}
],
"release_date": "2024-05-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: malformed DNS message can cause infinite loop"
},
{
"cve": "CVE-2024-28180",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268854"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose-go: improper handling of highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28180"
},
{
"category": "external",
"summary": "RHBZ#2268854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g"
}
],
"release_date": "2024-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose-go: improper handling of highly compressed data"
},
{
"cve": "CVE-2024-28849",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-03-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2269576"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the follow-redirects package. While processing the cross-domain redirection, `follow-redirects` clears authorization headers, however, it misses clearing proxy-authentication headers, which contain credentials as well. This issue may lead to credential leaking, having a high impact on data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: Possible credential leak",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28849"
},
{
"category": "external",
"summary": "RHBZ#2269576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269576"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28849",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28849"
},
{
"category": "external",
"summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp",
"url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp"
}
],
"release_date": "2024-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "follow-redirects: Possible credential leak"
},
{
"cve": "CVE-2024-28863",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-06-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293200"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ISAACS\u0027s node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially crafted request, a remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-tar: denial of service while parsing a tar file due to lack of folders depth validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28863"
},
{
"category": "external",
"summary": "RHBZ#2293200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28863",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28863"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-tar/security/advisories/GHSA-f5x3-32g6-xq36",
"url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-f5x3-32g6-xq36"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240524-0005/",
"url": "https://security.netapp.com/advisory/ntap-20240524-0005/"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-tar: denial of service while parsing a tar file due to lack of folders depth validation"
},
{
"cve": "CVE-2024-29018",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270591"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Moby due to excessive data output in external DNS requests from \"internal\" networks, enabling unauthorized access to sensitive system information by remote attackers. This flaw allows attackers to gain access to sensitive information by exploiting incorrect resource transfer between spheres through specially crafted requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moby: external DNS requests from \u0027internal\u0027 networks could lead to data exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29018"
},
{
"category": "external",
"summary": "RHBZ#2270591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270591"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29018",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29018"
},
{
"category": "external",
"summary": "https://github.com/moby/moby/pull/46609",
"url": "https://github.com/moby/moby/pull/46609"
},
{
"category": "external",
"summary": "https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx",
"url": "https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx"
}
],
"release_date": "2024-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "moby: external DNS requests from \u0027internal\u0027 networks could lead to data exfiltration"
},
{
"cve": "CVE-2024-29041",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-06-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2290901"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: cause malformed URLs to be evaluated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 only uses express as part of build time development dependency, it is not part of the final product delivery.\n\nUpstream versions should not be relied upon for ultimate determination of affectedness. Red Hat might backport fixes from upstream versions on a case by case basis.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29041"
},
{
"category": "external",
"summary": "RHBZ#2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041"
},
{
"category": "external",
"summary": "https://expressjs.com/en/4x/api.html#res.location",
"url": "https://expressjs.com/en/4x/api.html#res.location"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd",
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94",
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/pull/5539",
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"category": "external",
"summary": "https://github.com/koajs/koa/issues/1800",
"url": "https://github.com/koajs/koa/issues/1800"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "express: cause malformed URLs to be evaluated"
},
{
"cve": "CVE-2024-29180",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270863"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer\u0027s machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack-dev-middleware: lack of URL validation may lead to file leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in webpack-dev represents a important security issue due to its potential to expose sensitive files and compromise developer machines. By failing to validate URLs and normalize paths effectively, the middleware allows attackers to craft malicious requests that can retrieve arbitrary local files or perform unauthorized path traversal. This could lead to unauthorized access to confidential information, including source code, configuration files, and even system-level files. Given the widespread use of webpack-dev-middleware in web development environments, addressing this vulnerability promptly is important to prevent serious data breaches and protect the integrity of development processes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29180"
},
{
"category": "external",
"summary": "RHBZ#2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6",
"url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "webpack-dev-middleware: lack of URL validation may lead to file leak"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…